Curve hacker returns assets, beginning with $10M in ETH and alETH

The individual behind the $61 million asset drain on Curve Finance, a decentralized exchange, has taken steps to return some of the stolen cryptocurrency. On Friday, the perpetrator utilized an Ethereum blockchain transaction to reach out to Alchemix, one of the victims and requested verification of the protocol’s address to facilitate the return of the assets. 

Subsequently, they transferred approximately $10 million worth of ether (ETH) and alETH to Alchemix’s multi-signature wallet through multiple transactions, as indicated by the data on Etherscan.

Following the recent transactions returning the crypto, CRV, the governance token of Curve Finance, experienced a significant surge, rising by 5% in the past 24 hours. The development has instilled hope among the victims that the platform will recover a substantial portion of the stolen assets. 

Curve offers bounty to hacker

On August 3, Curve Finance and two other DeFi platforms, Metronome and Alchemix, announced a bounty to retrieve the funds stolen in recent attacks. The three projects collectively stated that they are willing to engage in discussions with any parties involved in the recent Curve exploits. They then proposed a 10% bounty of the stolen funds as a reward if the attackers returned the remaining 90%.

As an incentive, the projects have assured that if the attacker(s) voluntarily return the stolen funds, they will not pursue any further actions or involve law enforcement. However, suppose the attackers do not come forward by August 6. In that case, the 10% bounty will go towards anyone who can identify and provide evidence leading to the conviction of the responsible parties in a court of law. The DeFi platforms assert that they will pursue the attacker(s) through all legal channels and, to the fullest extent permissible under the law.

On the same day as the announcement of the bounty, one of the main participants involved in the recent exploit took the initiative and returned up to $5.4 million of the stolen funds. 

Curve’s attack affected the DeFi market 

On July 30, Curve Finance experienced a hack, losing $60 to $70 million from the platform. The attacker exploited a vulnerability in Vyper smart contracts, enabling them to conduct other attacks on different platforms.

In addition to the attack on Curve, the hacker also targeted Alchemix’s alETH pools which resulted in a theft of $22.6 million, while Metronome’s msETH pools suffered a loss of $3.4 million.

These high-profile hacks have significantly affected the DeFi ecosystem, leading to a decline in the total locked value (TVL) in DeFi platforms. As reported on August 2, investors and liquidity providers withdrew over $3 billion from DeFi services in response to the recent security breaches. 

As a result of the recent plunge in the value of CRV, the founder of Curve Finance, Michael Egorov, faced the risk of his loans, secured with $168 million worth of CRV, being liquidated. The potential liquidation seriously threatened lending protocols like Aave, which would have been burdened with tens of millions of dollars in bad debt. Egorov took measures to secure funds and pay off his loans to prevent this near-catastrophic situation. He opted to sell approximately $42 million worth of his CRV holdings in over-the-counter deals. One notable buyer in these transactions was Justin Sun, a crypto entrepreneur and founder of the Tron blockchain.