The hacker who breached the Arbitrum-based DeFi protocol Tender.fi returned the withdrawn assets in exchange for a bounty of 62.16 ETH (~$96,534).
Translation: The White Hat will repay all loans minus 62.158670296 ETH, which will be kept as a Bounty for helping secure the protocol. The https://t.co/H4ZMPLH9pz Team will repay the Bounty s value to the protocol, so that there will be no bad debt and users will remain… https://t.co/5bbmKu7zEe
— Tender.fi (@tender_fi) March 7, 2023
The exploit occurred on March 7. The attacker exploited a misconfiguration in the price oracle. As a result, he borrowed $1.59 million on the platform in cryptocurrency collateralized by a single GMX token worth about $71.
\n\n
The hacker himself reached out to the team, sending a message in a transaction:
\n\n
“It seems your oracle was misconfigured. Contact me to work it out.”
\n\n
\n\n
The protocol’s developers confirmed the incident, noting \u201can unusual amount\u201d of borrows on the platform.
\n\n
We are investigating an unusual amount of borrows that came through the protocol- in the meantime, we have paused all borrowing. Thank you for your patience.
— Tender.fi (@tender_fi) March 7, 2023
Within a few hours they announced they had reached an agreement with the hacker. The latter returned the funds minus the agreed bounty of 62.16 ETH for \u201cstrengthening the protocol’s security\u201d.
\n\n
\u201cThe actor has completed the loan repayments. Funds are officially SaFu, post mortem on the way.\u201d
\n\n
The actor has completed the loan repayments. Funds are officially SaFu, post mortem on the way.
— Tender.fi (@tender_fi) March 7, 2023
The payout to the white-hat will be covered by the project from its own funds.
\n\n
In February, DeFi protocols sustained about $21.4 million in losses after seven hacks.
\n\n
The Platypus Finance exploit, worth $8.5 million.