Hacker behind Munchables incident restores $62.8M Ether without demanding ransom

The Munchables hacker, who happened to be a developer for the game, had a change of heart after eight hours and returned $62.8 million worth of stolen Ether (ETH) without demanding a ransom. The hack occurred on March 26 at around 9:30 pm UTC, draining over 17,400 ETH from the Ethereum-based nonfungible token (NFT) game Munchables. Munchables, along with PeckShield and ZachXBT, started tracking the stolen funds in an attempt to intercept them. ZachXBT revealed that the exploit was a result of the Munchables team hiring a North Korean developer known as “Werewolves0943.” On March 27 at 4:40 am UTC, Munchables identified the hacker as one of their own developers. After an hour of negotiations, the former developer agreed to return the stolen funds. Pacman, the creator of the Blast blockchain on which Munchables is built, thanked ZachXBT for his support and announced that the ex-Munchables developer returned all funds without any ransom. Pacman will now collaborate with the Munchables team to redistribute the recovered funds. Victims of the hack are advised to only follow official communications to avoid refund scams. In another incident, a hacker stole approximately $24,000 from four different ParaSwap addresses, but the funds were recovered and users were refunded with the help of white hat hackers. ParaSwap resolved the issue by revoking permissions for the vulnerable AugustusV6 smart contract. Out of the 386 affected addresses, 213 have yet to revoke allowances for the flawed contract as of March 25.