On October 10th, the decentralized finance (DeFi) protocol Transit Swap announced that it had reached an agreement with the largest hacker for a refund. About a week ago, a hacker exploited an internal flaw in an exchange contract within the protocol and forced others to fake a security breach, resulting in the loss of over $23 million in user funds.
However, a major hacker has since recovered almost 70% of the funds held in custody, thanks to the help of security firms such as Peckshield, SlowMist, Bitrace and TokenPocket. They quickly tracked down the hacker by identifying the IP address, email address and associated address lines.
According to the agreement dated October 10, the hacker must return the remaining 10,000 BNB.
Approximately $2.74 million worth of tokens were removed from the exploit in exchange for being released from all legal liabilities arising from the Transit Swap attack. In addition, the hacker will keep 2,500 BNB ($685,600) for his attempts to expose white hat vulnerabilities.
Updates on TransitFinance
A consensus was reached between the biggest hacker and a TransitFinance official: the hacker will keep 2,500 BNB as a reward and return the remaining 10,000 BNB to users. https://t.co/DOwRw7doYy
– Obor exchange | Buy transit | NFT (TransitFinance) 10 October 2022
The Transit Swap team also set a deadline of October 12 for two hack impersonators and a hack arbitrator to return the stolen funds. After that, the developers threatened that “legal action” would be taken.
Related: White Hat Discovers Major Vulnerability in Ethereum-Arbitrum Bridge: Wen max bounty?
At the beginning of the year, DeFi exploits were mostly low-risk and high-paying due to the anonymity of users. Recently, the rise of blockchain analytics companies and DeFi criminal firms, as well as the US ban on crypto mixers such as Tornado Cash, have made it difficult for hackers to launder stolen funds. Instead, some decided to return the money and keep part of the earnings as a “reward” for exposing vulnerabilities, as in the case of the Nomad Bridge hack.