A white hat hacker has successfully returned over $7 million from the $14.5 million that was stolen during the Team Finance incident. The majority of the recovered funds are being redirected to the projects that were impacted by the exploit. The individual responsible for the Team Finance breach has chosen to return a significant portion of the funds while retaining 10% as a reward for their actions. The hacking event occurred in late October, resulting in the theft of more than $14 million, affecting projects such as Tsuka, Kondux, Caw Coin, and FEG.
### Hacker Returns Funds Amid Ongoing Investigation
According to SlowMist, the hacker has returned over $7 million to the affected projects, accompanied by messages from the wallet address involved, although the communications lack clarity. Thus far, over $7 million has successfully been transferred back to its rightful projects. Continuous updates will be provided as new developments arise, and followers are encouraged to enable notifications for real-time information.
One notable remark came from Ivan Reif, the Chief Technology Officer of TrustSwap, who mentioned three days ago that if the hacker returned the funds, they would receive either a generous bounty or a job offer.
### Unusual Outcomes in Hacking Incidents
This situation presents an intriguing twist in the realm of hacking incidents. While it is not uncommon for hackers to return stolen funds in exchange for rewards or job opportunities, such cases are rare. For instance, in October, the perpetrator of a $300 million exploit on OlympusDAO returned all the stolen funds. However, the norm tends to lean toward hackers retaining the vast sums they acquire, often laundering the money through services like Tornado Cash.
### Team Finance Suffers $14.5 Million Loss
The Team Finance exploit was facilitated by a vulnerability within the smart contract during their migration from Uniswap v2 to v3. Despite having undergone an audit, the critical flaw was overlooked. The Team Finance team promptly announced the exploit and urged the hacker to reach out for a potential bounty, emphasizing their efforts to analyze and address the situation. Following the attack, the platform halted all operations to prevent further losses, resulting in a notable decline in the prices of the stolen tokens, particularly affecting CAW.
### Growing Trend of Bounty Offers to Hackers
In recent times, projects have shown an increasing willingness to negotiate with hackers by offering bounties for the return of stolen assets. This trend has been observed multiple times throughout 2022, including a recent instance where the Transit Swap hacker returned 70% of stolen funds, receiving a bounty of $690,000 in return. In August, the crypto bridge Nomad offered a 10% reward to a hacker involved in a $190 million exploit to recover their funds. Earlier in January, a multichain hacker accepted a bug bounty of $187,000 after returning approximately $974,000 in Ethereum.
While teams are becoming more open to rewarding hackers who return stolen funds, there remain concerns about the inherent security of various platforms. Protocols lacking comprehensive audits or possessing significant vulnerabilities are more susceptible to such attacks. The adage “prevention is better than cure” remains vital for the long-term viability of the decentralized finance (DeFi) sector. However, the practice of offering bug bounties may inadvertently entice more hackers who believe they can evade consequences while still profiting from their exploits.
