Over $2 million would be given back to Transit Swap users following the agreement.
Transit Swap, a decentralized finance (DeFi) platform, revealed that it had settled with its biggest hacker regarding the restoration of funds on October 10. A swap contract within the protocol had an internal fault that was attacked by a hacker about a week beforehand, which led to other users imitating the security vulnerability and losing approximately $23 million in user assets.
Thanks to security firms like Peckshield, SlowMist, Bitrace, and TokenPocket, the primary hacker has since refunded roughly 70% of the assets that were improperly obtained. They swiftly located the hacker by determining their IP address, email address, and associated on-chain addresses.
According to the deal made on October 10, Transit Swap will release the hacker from any legal obligations related to the attack in exchange for returning the remaining 10,000 BNB tokens, valued at around $2.74 million, obtained from the exploit. The hacker will also receive 2,500 BNB ($685,600) as compensation for using white hat techniques to find the security flaw.
Additionally, the Transit Swap team has given two hacker-imitators and one hacker-arbitrageur until October 12 to repay the money that has been taken. Developers subsequently expressed their intent to pursue legal action.
Due to user anonymity at the start of the year, DeFi vulnerabilities were often a low-risk, high-reward operation. Recently, it has become more difficult for hackers to launder stolen money due to the growth of blockchain analytics companies and forensic DeFi organizations, as well as a U.S. ban on crypto-mixer tools like Tornado Cash. As with the Nomad bridge breach, some have chosen to return the money and keep a percentage of the profits from the security flaws as a reward.