The attacker who drained $8.9 million of Binance Coin (BNB) from SafeMoon has agreed to return 80% of the funds, based on an April 18 blockchain message from the SafeMoon crew.
Breaking Information: #SafeMoon has struck a cope with the “hacker”
80% LP return imminent.
20% bounty for “hacker”
And no fees pressedNow, again to your frequently scheduled program. pic.twitter.com/x94fSb4EoP
— SafeMoonSpidey.sfm ⎷ (@SafeMoonSpidey) April 18, 2023
SafeMoon is a decentralized finance (DeFi) protocol that runs on BNB Chain. It was hacked on March 28, leading to a lack of 27,000 BNB price $8.9 million on the time.
On April 18, at 1:19 p.m. UTC, the SafeMoon Deployer account posted a transaction to the BNB community with the attacker’s tackle because the recipient. The transaction contained a coded message in 8-bit Unicode Transformation Format (UTF-8) that said the next:
“SafeMoon has reached an settlement with the occasion at the moment holding the funds. Particularly, SafeMoon has agreed to just accept 80 % of the quantity returned, with the opposite occasion retaining the stability as a bounty. SafeMoon has additional agreed to not file any authorized actions towards them. After cautious consideration of the circumstances, it’s believed that is in one of the best curiosity of SafeMoon and the group.”
The coded message is the newest in a collection of communications between the SafeMoon crew and the attacker because the events tried to settle. On March 29, the attacker claimed that they had drained the funds by accident.
The crew responded on the identical day, asking the attacker to supply a Telegram deal with the place they might be contacted. The attacker didn’t present a Telegram deal with however did present an nameless Outlook e-mail tackle as an alternative. The crew then said, “E mail message despatched. 12:33 UTC.”
There was no additional blockchain communication between the 2 sides till the April 18 message confirming that the settlement had been made.
Hacking DeFI protocols and negotiating to maintain some funds has turn into widespread lately. On April 4, the Euler Finance attacker, who had beforehand drained over $196 million from Euler, issued an apology message and returned almost the entire funds gained from the assault. On April 6, the exploiter who had drained $967,000 of crypto from Sentiment returned almost 90% of it after the crew agreed to allow them to preserve the remaining quantity.
Some Web3 builders have argued that bug bounties needs to be bigger and improvement groups needs to be extra diligent about paying them, as they allege this might inspire hackers to report bugs as an alternative of exploiting them.
