The hacker who compromised the decentralized finance lending platform Tender.fi has returned the stolen assets in exchange for a $97,000 Ether bounty. The exploit was carried out at 10:28 UTC on March 7. Tender.fi confirmed the problem shortly thereafter through Twitter, reporting “an unusual amount of borrows” and noting that it has halted all borrowing. Analysis of blockchain data revealed that the individual responsible for the exploit leveraged a price oracle glitch. This allowed them to deposit only 1 GMX token, valued at approximately $71, and borrow assets worth $1.59 million from the protocol. In an on-chain message, the hacker wrote that it appeared the oracle was misconfigured and instructed the recipient to contact them in order to resolve the issue. Eight hours later, the DeFi protocol claimed that it had reached an agreement with the “White Hat” exploiter, whereby the hacker would refund all loans minus a “bounty” of 62.16 ETH, worth around $97,000 at the time of writing. In August of the previous year, Nomad Bridge, which operates across different blockchains, made a plea to those responsible for a smart contract exploit. This exploit led to the extraction of approximately $190 million from the bridge in under three hours.
Full story : Tender.fi Hacker Receives $97K Bounty After Returning Stolen Funds.