- 90% of the stolen money was returned by the hacker, who gave back 414 ETH in one original transaction and 51.75 ETH in another.
- The lending protocol verified that they had gotten the funds after the transaction.
Sentiment’s lending protocol was able to get back the money that was stolen in the most recent breach by paying the hacker a $95,000 bounty.
Sentiment offered the hacker $95,000 in an on-chain transaction on the Arbitrum blockchain and pleaded with them to “do the right thing” by returning the money by April 6. The protocol also made money available to anyone who could assist in identifying and prosecuting the offender if the hacker did not refund the money.
Taylor Monahan, a developer for MetaMask, kept watch of the situation and pointed out that the hacker had initially returned 414 Ether, which was worth about $771,000. The hacker eventually sent 51.75 more ETH to the Sentiment recovery account. The lending protocol verified that they had gotten the funds after the transaction.
On April 4, the attack was carried out. While other on-chain sleuths claimed that the attacker used a bug, some speculated that the assault may have been a re-entry attack. Initial estimates of the lost funds were in the neighborhood of $500,000, but after some time, locals verified that the losses were more in the neighborhood of $1 million.
A reentrancy exploit was used by the hacker to steal the money. Thanks to a third-party security auditor, the team responded swiftly and implemented a fix. The particular technique was described as using a bug in the view re-entrance Balancer to run malicious code before updating pool balances and stealing money using expensive collateral.
Not many additional specifics have been released regarding the money’s return. A complete statement from the Sentiment team will be released in a few hours, which should provide the crypto world with more details on what happened. As it stands, 10% has been offered as a bounty as a consequence of the team’s successful negotiations with the hacker.
The event bears some resemblance to the most recent hack of Euler Finance. On April 4, the Ethereum protocol used a bounty to persuade a hacker to restore about 90% of the money that had been taken. Around $176.4 million in digital assets were returned by the thief, but he kept nearly $20 million.