Key takeaways:
- Sturdy Finance lost 442 Ether due to a security flaw worth over $800,000.
- Sturdy Finance has announced a $100,000 reward for the hacker who took advantage of the protocol.
Sturdy Finance, a platform for decentralized Finance (DeFi), lost 442 Ether due to a security flaw worth over $800,000. Sturdy Finance has announced a $100,000 reward for the hacker who took advantage of the protocol. If the attacker accepts the offer, the loan platform states that its team won’t look into the situation any further.
The blockchain security company PeckShield informed Sturdy Finance of a transaction that appeared to be connected to price manipulation on June 12. After learning of the attack a little over an hour later, the DeFi protocol responded by stopping all of its markets and assured its customers that no additional funds were at risk.
The blockchain security firm BlockSec also emphasized that the hack was carried out using a reentrancy attack, which is a typical technique hackers employ to take money through DeFi protocols.
By using this technique, hackers can call a function many times in a single transaction before the first function call has finished. Hackers can use this to withdraw more money than is permitted.
Eight prominent members of the cryptocurrency community’s Twitter accounts were taken over by scammers, who then used them to spread their con schemes. Blockchain sleuth ZachXBT claims that after hacking the accounts of well-known DJ Steve Aoki, Pudgy Penguins entrepreneur Cole Villemain, and even crypto critic Peter Schiff, hackers had taken approximately $1 million in cryptocurrency.
Sam Forman, the creator of Sturdy Finance, tweeted a day after the theft that they would give the hackers $100,000 in exchange for returning the stolen money to a certain wallet.
Forman claims that recent breaches have demonstrated that exploit evasion is more complex than it formerly was. The executive declared that they would be willing to put the matter to rest if the hacker accepted the offer. Forman added that Sturdy Finance is willing to talk with the assailant.
Recent attacks demonstrate that rewarding hackers with rewards may enable platforms to recoup some of the funds that have been stolen. By negotiating and providing a bounty to their attacker on April 4, the Euler Finance team recovered 90% of the stolen assets in one of the largest DeFi breaches this year. Similar to this, the lending protocol Sentiment made $870,000 following an exploit by paying the hacker a bounty.
Not all projects have the same luck, despite some demonstrating success in negotiating with hackers. The Jimbos Protocol team offered an $800,000 bounty to the public on June 1 after the attacker who used their platform’s vulnerability disregarded their bounty offer. Anyone who can give information that results in the hacker’s capture or the recovery of the funds will be eligible for the reward, according to the site.
