The hacker responsible for the $11.6 million exploit of decentralized finance (DeFi) protocol Prisma Finance is now claiming that it was a “whitehat rescue” and expressing a desire to return the funds, according to on-chain messages. On March 28, about six hours after the attack, the hacker sent a message from the address “0x2d4…7507a” that stated, “Hi, this is a whitehat rescue, who can I contact to refund.” Prisma Finance responded about two hours later, instructing the hacker to contact them at [email protected].
White hat hackers are individuals who use their hacking skills to identify security vulnerabilities in software code. In the world of cybersecurity, these experts typically notify the creators of the attack vector instead of exploiting it themselves. However, in the cryptocurrency industry, it is more common for hackers to exploit protocols and then demand a white hat bounty in exchange for immunity. There have also been cases where hackers returned funds without requesting any reward.
The initial malicious transactions took place on March 28 at 11:29 am UTC. Prisma Finance is currently investigating the root cause of the attack. Blockchain security firm PeckShield estimated that approximately $11.6 million was stolen and sent to three different addresses. The hacker then began exchanging the stolen funds for Ether (ETH), according to blockchain security firm Cyvers. PeckShield later observed that around 200 Ether was transferred to OFAC-sanctioned cryptocurrency mixer Tornado Cash. Prisma Finance engineers have since halted the DeFi protocol.
Before the exploit, Prisma Finance had around $220 million in total value locked on its protocol. However, this figure has now dropped to $115 million, according to DeFiLlama. Meanwhile, the Prisma Governance Token (PRISMA) initially fell 30% to $0.244 following the news but has since rebounded to $0.289, according to CoinGecko.
Cointelegraph reached out to Prisma Finance for comment but has not received an immediate response.
The DeFi industry continues to be plagued by cryptocurrency hacks, hampering its development. In the first two months of 2024, over $200 million worth of cryptocurrencies were lost to hacks and rug pulls across 32 separate incidents, according to Web3 security firm Immunefi. In 2023, a total of $1.8 billion was lost to cryptocurrency hacks and scams, with 17% attributed to the North Korean Lazarus Group, according to a report by Immunefi on December 28.
A team of white hat hackers called “SEAL 911” has been formed to combat crypto hacks in real time.