Crypto Trading Firm Kronos Research Offers 10% Bounty to Hacker

Taipei-based cryptocurrency trading and investment firm Kronos Research has opened doors for negotiations with a hacker who made off with $25 million of the firm's treasury early this month.

In a message to the hacker, Kronos said, send back 90% of the stolen funds, and we'll drop this matter, Etherscan show.

Last week, the Taiwanese trading and VC firm reported via a post on X that an unauthorized entity gained access to its API keys. Onchain experts ZachXBT and Lookonchain later confirmed that the attacker made off with $25 million, mostly in stablecoins.

"At present, we can confirm that the losses are about $26 million in crypto assets, and despite it being a sizable amount, Kronos remains in good standing. All losses will be covered internally, and no partners will be affected," the firm later posted on X.

KronosResearch was attacked and lost ~$25.65M, including 24.57M $USDT, 488.7 $ETH($959K) and 125,056 $USDC.

24.57M $USDT was swapped to 12,457 $ETH and 125,056 $USDC was swapped to 63.6 $ETH.

All 13,010 $ETH was transferred to 7 wallets, of which 1 $ETH to #ChangeNOW. pic.twitter.com/FztcM8YZHS

— Lookonchain (@lookonchain) November 19, 2023

Public, on-chain negotiations between hackers and their victims have become increasingly common.

Recently, the attacker behind an exploit of KyberSwap signed one of the transactions that pilfered funds from the decentralized exchange, stating that they would begin negotiations when they were "fully rested." KyberSwap offered them a 10% bounty to return stolen funds.

In August, Curve Finance offered hackers a 10% bounty in exchange for the return of the stolen crypto, also negotiated via transaction signing.

Over $1.2 billion has been stolen from Decentralized Finance (DeFi) protocols this year, according to DeFiLlama.