The dForce hacker returns nearly all $ 25 million in stolen crypto

The hacker who downloaded $ 25 million in cryptocurrency from the dForce decentralized financial protocol over the weekend returned almost all the stolen assets.

According to data visible on the Ethereum blockchain, from 6:00 UTC on Tuesday, multiple transactions were initiated from an address labeled "Lendf.Me Hack" to the administration address of the Lendf.Me project.

The unexpected return of funds in numerous transactions with different cryptocurrencies

The transactions included some extremely large amounts, such as that of 57,992 ether (ETH), the native cryptocurrency of the Ethereum blockchain – worth about $ 10 million at the time of printing.

Further incoming transactions involved various U.S. dollar-related stablecoins – such as USDT, BUSD, TUSD, DAI, USDC, HUSD and PAX – totaling nearly $ 10 million. In addition, a total of 581 units of WBTC, HBTC and imBTC – token ethereum that bind to bitcoin as an underlying guarantee were returned.

The sum of these is listed at around $ 4 million at the current bitcoin price. Curiously, the hacker did not return exactly the same stolen resource balance, but returned part of the value in other types of tokens.

All in all, they returned cryptographic assets worth about $ 24 million at the time of printing. At this stage it is not known why the hacker did not simply return the resources that had been stolen or, in general, why they were returned.

Two possible reasons behind the hacker's choice to return the stolen funds

Although there are no certainties regarding the reason for the unexpected return of stolen funds, some interesting hypotheses have arisen. Larry Cermak, director of research at The Block, has focused attention on a possible calculation error made by the attacker in laundering the proceeds.

In other words, in transferring stolen Ethereum funds and other crypto resources to decentralized exchanges, the hacker simply used a VPN or proxy server, while more experienced hackers would have secured the transfer using a decentralized network, such as Tor.

This error has leaked some metadata, including his IP address and has left the possibility of tracing his identity through traces of information from the server operator.

Furthermore, Sergej Kunz, CEO of the 1 inch exchange, which was one of the decentralized exchanges used to launder stolen funds, was willing to openly discuss the issue. Indeed, Kunz's cooperation in this case highlights industry-level cooperation in the fight against hackers.

As for the incident, Kunz remarked: "He appears to be a good programmer, but an inexperienced hacker." In this regard, even if the hacker returned the stolen cryptographic resources, there is still enormous damage to DeFi's image and reputation.

And what do you think of this whole affair? Hopefully your funds were safe in some other electronic wallet! Let us know if you have ever had similar experiences in the comments below!