Attacker Behind $14.5M Team Finance Exploit Returns $7M
The attacker behind last week’s $14.5 million exploit of crypto launchpad Team Finance has returned some $7 million worth of tokens to four projects over the weekend, data shows.
Team Finance suffered a $14.5 million exploit in relation to a smart contract bug in its migration feature, as reported.
Blockchain security firm SlowMist said in a tweet on Monday that the attacker termed themselves as a “whitehat” on messages stamped on transactions. A whitehat is an exploiter or hacker that attacks any software with an intention of making that service better or more secure, as opposed to for nefarious purposes.
Here's something interesting you don't see every day— SlowMist (@SlowMist_Team) October 31, 2022
The @TeamFinance_ exploiter or "WhiteHat" is returning funds to projects affected by the exploit. (Of course, 10% of the funds are kept as a bounty.)
Over $765,000 worth of stablecoin DAI and 11.8 million TSUKA tokens were returned to blockchain protocol Tsuka, which confirmed the receipt. NFT marketplace Kondux received 209 ether (ETH), or 95% of the stolen funds, while Feg Token received 548 ether.
Caw Coin, which took the biggest hit during the exploit, received over $5 million worth of DAI and 74.6 billion CAW, its native tokens.
The attacker confirmed the deposit addresses of all affected projects in several blockchain messages, viewable here. The messages were generally incoherent, but the attacker said they would keep 10% of the stolen funds as a bounty.