EraLend Hacker Ignores 2 PM Deadline To Return Funds

EraLend Hacker Ignores 2 PM Deadline To Return Funds

July 27, 2023

Naga

On July 26, the EraLend team proposed a deal with the unidentified hacker. The terms offered a white hat bounty worth 10% of the stolen funds if the hacker returned 90% of the assets to wallet address 0x9eEE479DCf6075a0cb905c27e8F952910c3bb69D.

Typically, white hat bounties are offered to hackers or sleuths who discover bugs in smart contract codes. This route is also taken by protocols seeking to recover their stolen assets peacefully.

The DeFi lender set a deadline of 2 PM UTC today though the deadline has now passed and the hacker did not return the funds as proposed. EraLend promised to tap the broader DeFi community, centralized exchanges (CEXs), and law enforcement should the hacker continue to hold user funds hostage.

Furthermore, the platform opened its 10% bounty to the public and implored anyone with information on the hacker’s identity to come forward.

The deal with the exploiter is now concluded.

We are rallying the entire community, urging you all to stand together with us in facing the criminals who have stolen our funds and violated our rights.

Anyone who comes forward with information that helps us identify the attacker…

EraLend Update

The DeFi protocol which runs atop Ethereum L2 network zkSync updated users today on three developments. Firstly, the team identified a suspicious CEX account that may be involved in the hack.

Also, a formal request was sent to a VPN provider that the team believes was used by the attacker to hide their identity. The protocol is also working with security experts for an autopsy on the attack vectors deployed before and after the $3.4 million hack.

EraLend suffered a read-only reentrancy attack on July 25, allowing the hacker to drain millions in crypto from the platform. The exploiter then moved a chunk of the funds to addresses on Ethereum, Arbitrum, and Optimism per security shop Peckshield.

Tuesday’s hack was one of several attacks on DeFi protocol and crypto service providers in recent months.

🚨 Update

Thanks to the dedicated efforts of our partners and security professionals, we've made some progress in the past days:

1/ We've pinpointed a suspicious CEX account that appears to be linked to an individual potentially involved in the incident. We are collaborating…

Prior to the attack, the platform boasted $18.5 million in total value locked (TVL). This number nosedived to $3.2 million at press time, DefiLlama data showed.

Source: Read Full Article