The Munchables hacker, who recently exploited a weakness in the protocol and drained more than $62 million worth of Ether (ETH), has returned the keys holding the stolen funds.
According to blockchain sleuth ZachXBT, the hacker allegedly worked as a developer on Munchables and has possible ties to North Korea.
Munchables Loses Over $62 Million in ETH
Munchables, a Web3 gaming protocol on the Blast network, suffered an exploit on Tuesday, March 26, which led to the loss of over $62 million. The team behind the project revealed in an X post that the platform was бузулган while they were making efforts to track the hacker’s movement and halt transactions.
In response to Munchables’ post, ZachXBT showed that the explorer’s address held about 17,415 ETH (worth $62.25 million based on Ether’s current price). ZachXBT further stated that the attack was carried out by an insider, a suspected North Korean developer allegedly hired by the Munchables team, with the alias “Werewolves0493” on GitHub.
Meanwhile, Solidity developer, who goes by the username 0xQuit on X, said in a post that the attack on Munchables was пландаштырылган from the beginning. According to the developer,
“The scammer used manual manipulation of storage slots to assign himself an enormous Ether balance before changing the contract implementation to one that appears legit. Then he simply withdrew that balance once TVL was juicy enough.”
Shortly before the hack, the total value locked (TVL) on Munchables was over $96 million, according to data from DeFiLlama. Following the incident, the project’s TVL dropped to $34 million.
Жүрөктүн өзгөрүшүбү?
However, things took a different turn on Wednesday, March 27, when Munchables, in an update, revealed that the rogue developer agreed to share and has eventually shared the private keys holding all funds without stating any conditions.
Munchables иштеп чыгуучусу колдонуучунун каражаттарын калыбына келтирүүгө жардам берүү үчүн тартылган бардык жеке ачкычтарды бөлүштү. Тактап айтканда, 62,535,441.24 73 XNUMX долларды кармаган ачкыч, XNUMX WETH кармаган ачкыч жана калган каражатты камтыган ээси ачкыч.
— Munchables (@_munchables_) Март 27, 2024
Tiesshun Roquerre, known as Pacman, who is behind the Ethereum layer 2 network Blast and also the non-fungible token (NFT) marketplace Blur, said in an X post, “97 million has been secured in a multisig by Blast core contributors.”
Pacman noted that the ex-developer agreed to return the fund without ransom while stating that there were efforts to safely redistribute the funds to users.
Blast негизги салымчылары тарабынан мультисигде 97 миллион доллар камсыздалган. Фондо укмуштуудай көтөрүлүп кеттим, бирок мен экс munchables dev бардык каражаттарды акыр аягында эч кандай кун талап кылбастан кайтарып берүүнү чечкенине ыраазымын. @_munchables_ жана аны менен интеграцияланган протоколдор сыяктуу @juice_finance...
— Pacman | бүдөмүк + жарылуу (@PacmanBlur) Март 27, 2024
Before the developer returned the funds, there were calls from users on X asking Blast to roll back their chain — which means rewinding the blockchain before when the incident occurred, which, in this case, will undo the hack.
However, this activity is seen as antithetical to decentralization, as blockchain transactions are supposed to be irrevocable. Also, Blast is seen as not being sufficiently decentralized, as it is controlled by 3/5 multisig.
Bybitдеги CryptoPotato окурмандары үчүн ЧЕКТЕЛГЕН СУНУШ 2024: Каттоо жана Bybit Exchange боюнча $500 BTC-USDT позициясын ачуу үчүн бул шилтемени колдонуңуз!
Source: https://cryptopotato.com/munchables-hacker-returns-stolen-crypto-funds-worth-over-62-million/