Team Finance Hacker Returns $7M To Projects After Exploit

The hacker who was responsible for the $14.5 million Team Finance attack on October 27 has given tokens worth about $7 million to four businesses.The individual who exploited the protocol intends to keep a 10% bounty of the stolen funds.

The attacker indicated over the weekend in a string of messages that they would retain 10% of the stolen funds as a bounty and give the remaining tokens back to the impacted projects. Through the Uniswap v2-to-v3 conversion, the exploiter—a self-described “whitehat”—stole resources from Team Finance. According to a report, the blockchain security company PeckShield revealed that liquidity from Uniswap v2 assets on Team Finance was transferred to an attacker-controlled v3 pair with skewed pricing.

USD Coin ($USDC $1.00), CAW, TSUKA, and KNDA tokens were among the stolen money. Due to the exploit and ensuing liquidity crisis, several of the affected tokens, including CAW, experienced significant price drops. On October 30, Kondux, a nonfungible token (NFT) marketplace, declared that it had recovered 548 ETH, or 95% of the stolen money, which amounted to 209 Ether (ETH $1,571). Tsuka’s blockchain protocol also confirmed receiving over $ 765, 000 worth of the stablecoin Dai ( Dai $ 1. 00) and 11.8 million Tsuka. The largest victim of the exploit, Caw Coin, earned back $5 million in DAI as well as 74.6 billion of its native CAW coin.

See more

We’re thrilled to announce we have received 95% of the exploited ETH back!

Please bear with us in the coming 48 hours ⏳ as we await the $KNDX to return so we can plan our next move forward. ⏩ 🐮

Massive thanks to the community for their unwavering support 💖$FEG $CAW $TSUKA

— Kondux (@Kondux_KNDX) October 30, 2022

The protocol advised the hacker to get in touch for a reward payout on Twitter. Team Finance claimed that its smart contract had previously been inspected and that protocol developers had momentarily suspended all activities. TrustSwap, a startup that offers project leaders token liquidity lockup and vesting services, established the business in 2020.

According to the protocol, $3 billion was safely stored on 12 different blockchains. The exploit came after the Mango Markets attack on October 11 when a hacker increased the price of MNGO, the platform’s native token. The assailant subsequently borrowed a sizable sum against the falsified collateral, depleting Mango’s funds. The hacker was permitted to keep $47 million as a “bug bounty” after a proposal on Mango’s governance forum was approved, and $67 million was paid back to the treasury.