DeFi hacker returns all $25 million of stolen funds

Written by: Ali Raza
April 28, 2020
  • In a surprising twist, the hacker who robbed Chinese DeFi, dForce, recently returned the stolen funds.
  • The attacker returned a portion of the funds yesterday, and the rest today.
  • The move comes after the police in Singapore received the hacker's IP address.

Hacking incidents in the crypto industry are nothing new these days, and even massive thefts are still happening quite often. With that in mind, it wasn’t surprising when a Chinese DeFi (decentralized finance) project, dForce, suffered an attack recently.

The attacker managed to breach the project’s defenses and steal approximately $25 million. While the incident did make headlines, as mentioned, the move was not particularly surprising to anyone. Now, however, a surprising twist did finally arrive, as the attacker simply returned the stolen funds.

dForce gets its stolen funds back

Are you looking for fast-news, hot-tips and market analysis? Sign-up for the Invezz newsletter, today.

Yesterday, April 20th, dForce suddenly received a portion of the stolen funds back, after the hacker sent $2.79 million back. Today, however, the rest of the stolen amount followed, with nearly $22 million returning to the robbed project.

The transactions allegedly came after the Singapore police received the attacker’s IP address. At least, this is what the CEO oof 1inch.exchange, Sergej Kunz, revealed. He said that “We got a request from Singapore police and we were helping dForce. Based on the request, we delivered to the police the IP addresses and sensitive meta information, which the hacker speeded by using our CDN.”

Kunz added that the exchange reacted immediately after the police contacted it via email. Of course, the exchange protects user data, but it doesn’t support this kind of behavior. The best way of dealing with the incident, according to the exchange, was to put as much pressure on the hacker as possible.

It appears that the strategy worked, and the hacker returned around $24.3 million. Of course, this is still a bit below the value that they originally stole. But, the exchange explained that some of the value was lost during the conversion of the funds.

Tip: looking for an app to invest wisely? Trade safely by signing-up with our preferred choice, eToro: visit & create account

Paraswap declined to help

The exploit of dForce took place last weekend. During the incident, the project lost almost 100% of its total value locked. The attacker got access to a number of cryptocurrencies, including BTC, Ethereum, as well as multiple USD-backed stablecoins.

Some reports also claim that Paraswap allegedly decided to decline help to dForce. It refused to provide the attacker’s information, stating that it follows GDPR laws, being a France-based firm. However, a person familiar with the situation said that this is not true and that Paraswap doesn’t have contact information on the website.

This is still required, and it can result in a €200k punishment, as the source says. Even so, the company does collect email addresses of its users, in order to send notifications. It also collects IP addresses, but it doesn’t have any clear policy on the site.