Prisma Finance Hacker Claims ‘Whitehat Rescue’ After $11.6 Million Exploit

Prisma Finance’s hacker, who stole $11.6 million from the decentralized finance (DeFi) protocol, claims the exploit was a “whitehat rescue” and is enquiring who to contact to refund the funds, according to on-chain messages.

A white hat hacker tries to find security vulnerabilities in software code using their hacking skills.

Attacker Claims ‘Whitehat Rescue’ Before Moving Funds

Six hours following the Prisma Finance hack, the attacker sent a message claiming it was a “whitehat rescue” aimed at helping the platform, according to blockchain analytics firm Etherscan.

The attacker then inquired how to return the funds to the protocol using the address “0x2d4…7507a,” previously identified as one of those linked to the attack. In response, about two hours later, Prisma Finance provided contact information for negotiations.

According to estimates by blockchain security firm PeckShield, 3,257.7 ETH was stolen and sent to three separate addresses.

#PeckShieldAlert The attack is ongoing, with the total loss now increased to ~3,257.7 $ETH (worth ~$11.6 million)
To vault owners, please follow up on notifications from the official source and be cautious about scams pic.twitter.com/5HYGYCROIP

— PeckShieldAlert (@PeckShieldAlert) March 28, 2024

Despite the claim of good intentions, blockchain security firm Cyvers mentioned that the attacker swapped the stolen funds for Ether (ETH) shortly after the message. PeckShield also later detected a transfer of around 200 Ether to OFAC-sanctioned Tornado Cash, a cryptocurrency mixer known for obscuring transactions and funding sources, which is often used for illicit activities.

In response to the exploit, Prisma Finance has halted its DeFi protocol and is currently investigating the root cause of the attack. The move impacted the platform, with the total value locked on their protocol plunging from $220 million to $107 million, according to DeFiLlama.

Majority of Crypto Losses Stem from Hacks, Not Fraud

According to Immunefi, a web3 security firm, over $200 million in crypto has already been lost to hacks and scams in the first two months of 2024 across 32 individual incidents. In 2023, there was a total loss of $1.8 billion to hacks and scams, with 17% linked to the North Korean Lazarus Group.

Most funds lost were due to hacks rather than fraud. Only $103 million was lost from clearly identifiable fraud schemes, such as rug pulls, while over $1.6 billion was lost from hacks and exploits. Of these losses, $1.3 billion occurred in protocols claiming to be decentralized, while only $409 million was lost from centralized finance (CeFi) crypto protocols.

In response to these developments, the Prisma Governance Token (PRISMA) experienced a 30% drop to $0.244 after the news. However, it has since rebounded to $0.28, according to data from CoinGecko, down 35% over the last week.


Leave a Comment

Your email address will not be published. Required fields are marked *

Please enter Coingecko Free Api Key to get this plugin works
Scroll to Top