Key Points:
Sam Forman, the project’s founder, confirmed today that his team had sent an on-chain message to the unknown attacker’s address. This message offers the perpetrator a bounty of $100,000 to return the stolen funds to a specified address owned by Sturdy, adding that the team will advocate for no criminal charges if the funds are returned.
This offer follows a security incident in which an attacker exploited a reentrancy vulnerability in one of Sturdy Finance’s liquidity pools. The vulnerability allowed the hacker to manipulate a price oracle and eventually siphon off funds.
“To the exploiter: as we have seen with recent hacks, exploits are not as easy to escape from as they used to be. That said, we are willing to offer you $100k as a bounty, and will not pursue you further if you send the remaining funds to 0x4e489d9863c9bAAc6C4917E1221274760BA889F5.
You can also contact us at sturdyfi@protonmail.com if you would like to discuss,” the message read.
As Coincu reported, Sturdy Finance has lost 442 Ether, worth almost $800,000, to a security exploit. The attacker exploited a vulnerability that eventually manipulated a faulty price oracle, allowing them to drain funds from the protocol.
On June 12, blockchain security firm PeckShield alerted Sturdy Finance and reported a transaction that seemed to be related to price manipulation. Almost an hour later, the DeFi protocol said that they were aware of the exploit and responded by pausing all their markets and assuring its users that no additional funds were at risk. The team reassured users that no other funds were at risk and that the platform’s security would be thoroughly investigated.
Despite a swift response from the DeFi lending platform, PeckShield confirmed that the attacker was able to transfer almost $800,000 in ETH to the crypto mixer Tornado Cash. The security firm also noted that the root cause of the exploit was a faulty price oracle.
Additionally, the blockchain security company BlockSec highlighted that the hack was done through a reentrancy attack, which is a common method hackers use to withdraw funds from DeFi protocols.
DISCLAIMER: The information on this website is provided as general market commentary and does not constitute investment advice. We encourage you to do your own research before investing.
Join us to keep track of news: https://linktr.ee/coincu
Harold
Coincu News
While Aave finds itself in uncertain territory, a fresh face in the crypto scene, Qubetics…
Analysts push for a Dogecoin price surge to its $0.2288 yearly high while ETFSwap (ETFS)…
Discover the promising altcoin under $1 that may outperform XRP amid election volatility and market…
Campinas, Brazil, 5th November 2024, Chainwire
Terra Shuttle Bridge has now been closed, and all remaining LUNC and USTC tokens have…
Miami, Florida, 5th November 2024, Chainwire
This website uses cookies.