About six hours following the hack, the hacker's on-chain message emerged. Yet, blockchain security firms observed that the hacker had initiated the process of exchanging the pilfered funds for Ether.
The hacker responsible for the $11.6 million breach of decentralized finance (DeFi) platform Prisma Finance is asserting it was a "whitehat rescue" and is seeking information on returning the funds, as per on-chain communications.
Around six hours post-attack, the exploiter stated, "Hi, this is a whitehat rescue, who can I contact to refund," using the address "0x2d4…7507a," previously associated with the attack.
Approximately two hours later, the DeFi firm responded, saying, "Please reach out to us at negotiations@prismafinance.com."
A white hat hacker is someone who employs their hacking skills to uncover security flaws in software code. In the wider realm of cybersecurity, these experts typically inform the creators of the vulnerability rather than exploiting it for personal gain.
However, in the cryptocurrency sector, it's more typical for hackers to exploit the protocol and then request a white hat bounty in return for immunity, though there have been instances where they've returned funds without seeking any reward.
The first all around of fraudulent transactions happened on March 28 at 11:29 a.m. UTC. The investigation being carried out by Prisma Finance aims to identify the root cause of the attack. PeckShield, a blockchain security business, reports that almost $11.6 million was stolen and moved to three other accounts.
Then, according to blockchain security company Cyvers, the hacker started changing the pilfered money into Ether (ETH).
In response, Prisma Finance engineers have suspended the DeFi protocol.
Before the exploit, Prisma Finance had around $220 million in total value locked on its protocol. However, this amount has dropped significantly to $115 million following the incident, as reported by DeFiLlama.
March 2024, Cryptoniteuae