In a surprising turn of events, the hacker who exploited the Allbridge decentralized finance protocol has returned most of the stolen funds after accepting the offer of white hat bounty without any legal retaliation. The attacker made off with $573,000 worth of cryptocurrency in the attack, which occurred last month.
On April 3, Allbridge made a tweet announcing that they had received a message from an individual and that 1,500 BNB (Binance Coin) worth approximately $465,000 had been returned to their project.
“The remaining funds will be considered a white hat bounty to this person,” Allbridge said.
The company further elaborated that the received BNB was converted to Binance USD and will be used as compensation.
On April 1st, the blockchain security company Peckshield detected an attack on Allbridge. They warned Allbridge in a tweet that an individual acting as a liquidity provider and swapper was manipulating the BNB Chain pools swap price.
Security breach and actions
After the security breach occurred, Allbridge offered the hacker a bounty and decided not to take any legal action.
Although Allbridge has not publicly revealed the amount stolen, CertiK, another blockchain security firm, estimated it to be around $550,000. PeckShield reported that the exploit resulted in the theft of approximately $573,000, a total of $282,889 in BUSD and $290,868 worth of Tether.
Allbridge has also disclosed that another address has used the same exploit and provided a link to a wallet that currently holds 0.97 Binance Coin (BNB) which is worth approximately $300.
“We ask the second exploiter to reach out and discuss the return,” Allbridge said.
After the initial hack, Allbridge took swift action to track down the stolen funds and collaborated with various organizations to retrieve them.
One such organization was BNB Chain, which announced via a tweet on April 2 that it had identified at least one of the perpetrators using on-chain analysis.
BNB Chain has stated that they are providing active support to the Allbridge team in their efforts towards fund recovery. Additionally, they have acknowledged the efforts of AvengerDAO in the same recovery process.