A hacker responsible for infiltrating the Seneca stablecoin protocol and absconding with approximately $6.4 million worth of Ether (ETH) has returned more than $5 million of the stolen assets. This restitution followed an intriguing negotiation that saw the hacker accept an offer to keep a 20% bounty, amounting to around $1.04 million, as a reward for their "whitehat efforts."
The security breach initially came to light when blockchain security firms CertiK and PeckShield alerted the community to the exploit, emphasizing the urgency for users to revoke permissions linked to two compromised wallet addresses on the Arbitrum and Ethereum networks. CertiK's preliminary assessment reported a loss of assets valued at a minimum of $3 million, a figure that was later adjusted to account for the total $6.4 million extracted by the hacker through unauthorized transfers from vulnerable contract-approved addresses.
Seneca's swift acknowledgment of an "approval bug" led to an immediate collaboration with security experts to delve into the exploit's specifics, alongside a call for users to withdraw approvals from six identified wallet addresses across the Ethereum and Arbitrum ecosystems.
The dialogue between Seneca and the hacker unfolded publicly through an on-chain message, wherein Seneca addressed the hacker as "Whitehat" and proposed a deal to avert "further legal action." The protocol offered a 20% bounty in exchange for the return of the stolen funds, a proposal that seemingly resonated with the hacker.
PeckShield confirmed that, following Seneca's overture, the hacker repatriated 1,537 ETH, valued at approximately $5.3 million, and subsequently redistributed 300 ETH, representing the agreed-upon 20% bounty, into two new wallets. Although Seneca has not formally verified the restitution, CertiK's subsequent acknowledgment of the returned funds has bolstered confidence in the resolution of this incident.
This episode unfolds against the backdrop of a series of hacking incidents targeting the cryptocurrency sector, with one of the most significant being the nearly $49 million breach of decentralized exchange KyberSwap. The contrast in outcomes between the two exploits is stark, as KyberSwap's hacker adopted a more confrontational stance, even threatening to stall negotiations if legal action was pursued.
PeckShield's recent report on the movement of nearly $2.5 million worth of ETH by the KyberSwap hacker from Arbitrum to the Ethereum network adds another layer to the ongoing saga of cryptocurrency exploits. In the meantime, KyberSwap has initiated a process allowing affected users to reclaim a portion of their lost funds, marking a small yet significant step towards remedying the losses incurred from the November attack.
The resolution of the Seneca exploit, marked by the hacker's substantial return of stolen assets, presents a complex narrative within the digital currency landscape, intertwining issues of security vulnerabilities, ethical hacking, and the challenges of ensuring asset recovery in the face of such breaches.