One of the wallets linked to the hack of Prisma Finance, a liquid staking protocol that was exploited for $11 million by multiple attackers on March 28, claimed to be a “white hat” hacker interested in returning the funds to the protocol, rather than a “black hat” hacker who would keep the funds for himself.
Before considering returning the funds, the hacker demanded that the Prisma Finance team hold an online press conference, identify themselves publicly, apologize to users and investors, and congratulate the hacker for worked with them to resolve the issue.
In a chain message at Prisma Finance, the hacker blames the Prisma team for not detecting the error and claims that the press conference would help send a message to the entire decentralized finance space. “I hope this will help people participate in the challenge more carefully, teams will be more responsible and everyone will change their minds about things like this,” the hacker wrote in a post. chain message at Prisma Finance.
“After this happens, the amount I would keep and the amount I can send to you would be discussed (rest assured, most of it would be returned),” the hacker concluded.
Sometimes hacked protocols manage to recover funds by negotiating with attackers. However, the hacker’s unusual demands, coupled with his transfers of over $2.5 million in ether to blockchain mixing service Tornado Cash, have left many Prisma Finance users skeptical of the hacker’s true motives.
“This guy looks like he’s playing and deciding whether to play white hat with these public communications,” wrote one user on the Prisma Finance Discord server. “He does a ‘trust me, bro’ with millions of dollars in [Tornado Cash]”.
Prisma Finance has suspended the protocol and published a autopsy on the attack, describing the vulnerability as a lack of input validation on a certain smart contract function. “While recovering all user funds is our primary goal at the moment, resuming the protocol will be part of the next steps once we are sure all positions are safe,” the team wrote.
Prisma Finance has yet to respond to the hacker and did not immediately respond to a request for comment from The Block.
Disclaimer: The Block is an independent media outlet providing news, research and data. Since November 2023, Foresight Ventures has been a majority investor in The Block. Foresight Ventures invests in other companies in the crypto space. Crypto exchange Bitget is an anchor LP for Foresight Ventures. The Block continues to operate independently to provide objective, impactful and current information about the crypto industry. Here is our current financial information.
© 2023 The Block. All rights reserved. This article is provided for informational purposes only. It is not offered or intended to be used as legal, tax, investment, financial, or other advice.