Hacker stole nearly $ 24 million in cryptocurrency assets from a decentralized financial services company (DeFi) called Harvest Finance. The portal allows users to invest in cryptocurrencies and then collect price changes to make a small profit.
The breach happened earlier, and Harvest Finance officials confirmed the breach through the company's official Twitter account and Twitter (Discord) channel.
According to this news, the hacker invested a large amount of cryptocurrency assets into the service and then used a cryptocurrency vulnerability to steal money from the platform and transfer it to his own wallet.
According to the transaction ID that Harvest Finance employees identified in a subsequent investigation, the hackers stole a total of $ 13 million in coins and $ 11 million in Tether.
Two minutes after the attack, the hacker returned the platform $ 2.5 million, but the reason for the action remains unclear.
In a post on Harvest Finance's Discord channel, the platform claimed that the attack left a large amount of personally identifiable information about the attacker describing its popularity in the crypto community.
In a series of messages posted on Twitter, Harvest Finance acknowledged that the attack was a failure and opened the door for the attackers to return the money without consequences.
Technically, we have made a mistake, we must take responsibility, the company said, adding: We are not interested in finding private information or credentials for the attacker, people should have a right to privacy when you get money, people can come back, then the community will appreciate it.
The company is now offering a reward of $ 400,000 to anyone who finds a return of the stolen money. After the first 36 hours, the reward will be reduced to $ 100,000.
(Harvest Finance) said: Don't look for the attacker's private information or credentials in the process. We highly recommend that you focus all of your energy on the money of returning users.