Curve Finance opens bounty after exploiter return deadline expires
Curve Finance is offering a bug bounty offer of $1.85 million to anyone who can identify the operator of its stable pools.
News
Join us on social networks
Decentralized Finance (DeFi) Protocol Curve Finance is offering a bug bounty offer to anyone able to identify the exploiter responsible for taking over $61 million from its pools on July 30.
Curve and other protocols affected by the attack offered a 10% bug bounty to the hacker on August 3, totaling over $6 million. After accepting the offer, the hacker returned the stolen assets to Alchemix and JPEGd, but did not issue refunds to the other affected pools. With the deadline passed, anyone able to identify the attacker will now be rewarded with assets worth $1.85 million.
"The deadline for voluntary return of funds in the Curve exploit has moved to 0800 UTC. We are now extending the bounty to the public and offering a reward worth 10% of the remaining exploited funds (currently 1. US$85 million) to the person who is able to identify the exploited in a way that leads to a conviction in court." reads the chain post, which adds that "if the exploiter chooses to return the funds, we will not go any further".
CRV/ETH miner deadline passeshttps://t.co/VphQ0bfYr2 pic.twitter.com/x8LP9Tx4rs
— Curve Finance (@CurveFinance) August 6, 2023Before returning the funds, the striker posted a message that appears to have been directed to the teams of Alchemix and Curve, claiming to be willing to return the funds only because they did not want to ruin the affected projects. "I'm reimbursing not because you can find me, it's because I don't want to ruin your project," the chain post read.
The attack happened on July 30 and resulted in the loss of over $61 million...
Curve Finance is offering a bug bounty offer of $1.85 million to anyone who can identify the operator of its stable pools.
News
Join us on social networks
Decentralized Finance (DeFi) Protocol Curve Finance is offering a bug bounty offer to anyone able to identify the exploiter responsible for taking over $61 million from its pools on July 30.
Curve and other protocols affected by the attack offered a 10% bug bounty to the hacker on August 3, totaling over $6 million. After accepting the offer, the hacker returned the stolen assets to Alchemix and JPEGd, but did not issue refunds to the other affected pools. With the deadline passed, anyone able to identify the attacker will now be rewarded with assets worth $1.85 million.
"The deadline for voluntary return of funds in the Curve exploit has moved to 0800 UTC. We are now extending the bounty to the public and offering a reward worth 10% of the remaining exploited funds (currently 1. US$85 million) to the person who is able to identify the exploited in a way that leads to a conviction in court." reads the chain post, which adds that "if the exploiter chooses to return the funds, we will not go any further".
CRV/ETH miner deadline passeshttps://t.co/VphQ0bfYr2 pic.twitter.com/x8LP9Tx4rs
— Curve Finance (@CurveFinance) August 6, 2023Before returning the funds, the striker posted a message that appears to have been directed to the teams of Alchemix and Curve, claiming to be willing to return the funds only because they did not want to ruin the affected projects. "I'm reimbursing not because you can find me, it's because I don't want to ruin your project," the chain post read.
The attack happened on July 30 and resulted in the loss of over $61 million...
What's Your Reaction?
![Three of ID's top PR executives quit ad firm Powerhouse [EXCLUSIVE]](https://variety.com/wp-content/uploads/2023/02/ID-PR-Logo.jpg?#){kind=logo}
