White Hat Exploiter Returns $1.5M to Lender for $97K in Ether

Tender.fi, a DeFi lender, lost $1.59 million worth of assets after an exploit on March 7. The hacker behind the attack returned the stolen assets in exchange for a bounty of $97,000 in Ether, CoinTelegraph wrote.

The loan platform confirmed the exploit on Twitter and suspended all lending, citing an unusual volume of borrowing.

Issue with misconfigured oracle

The hacker took advantage of an oracle price glitch to borrow $1.59 million from the protocol in exchange for just 1 GMX token, worth around $71 at the time. According to blockchain data, he wrote that it appeared their oracle was misconfigured and asked them to reach out.

Late on March 7, the DeFi lender reached an agreement with the white hat hacker, according to which the latter would return all the stolen money less a bounty of around $97,000 in ether, coming to just under $1.5 million. The hacker had repaid the funds within an hour.

The thoughtless white hacker

In August 2022, a cybercriminal attacked the cross-chain Nomad Bridge. They exploited a smart contract to steal almost $200 million from the bridge in a few hours in what was one of the biggest crypto hacks in history.

Funds returned, but why?

Within the next few hours, they had returned around $33 million. Over the course of the month, the hacker continued to return funds. This continued until as recently as February 18 this year. A transaction in Covalent Query Token (CQT) worth $7,868 was recorded by the blockchain on that date. The assets were transferred to Nomad’s official recovery address.

A free NFT wasn't enough

On behalf of Nomad, NFT company Metagame had offered a free NFT as a white hat prize to the perpetrator if they proved they had returned at least 90% of the stolen assets. The exclusive NFT, which could be minted by the person who gave the funds back, only consisted of a white wizard’s hat. The hacker expressed deep disappointment upon receiving nothing but this “silly little NFT.”