Munchables Hacker Voluntarily Returns $62.8 Million Worth of Ether Without Demanding Ransom
At 4:40 am UTC on March 27, Munchables Identified the Hacker as One of Its Former Developers (Ether). An Hour of Negotiation Resulted in the Ex-Developer Agreeing to Return the Hacked Funds.
After nearly eight hours, the Munchables hacker, identified as one of the platform’s developers, had a change of heart and returned $62.8 million worth of Ether (ETH) stolen in an exploit, without demanding any ransom.
The incident unfolded on March 26, around 9:30 pm UTC, when Munchables, an Ethereum-based nonfungible token (NFT) game, reported a hack that siphoned over 17,400 ETH from its GameFi app.
In response, Munchables, alongside blockchain investigators like PeckShield and ZachXBT, began tracking the movement of the stolen funds in an effort to intercept them. According to ZachXBT, the exploit originated from the Munchables team hiring a developer known as “Werewolves0943,” believed to be from North Korea.
Also, read- Diversification in Ethereum Clients Strengthens: Non-Geth Implementations Reach 34%
By March 27, at 4:40 am UTC, Munchables confirmed that the hacker was indeed one of its developers. Following an hour of negotiations, the former developer agreed to return the pilfered funds. In an official statement, Munchables expressed gratitude for the return of the funds without any ransom being demanded.
Pacman, the creator of the Ethereum layer-2 blockchain Blast, acknowledged ZachXBT’s assistance and announced that the ex-Munchables developer opted to return all funds. As Munchables operates on the Blast blockchain, Pacman pledged to collaborate with the Munchables team to redistribute the now-recovered funds.
Meanwhile, victims of the hack are cautioned to only follow communications from official sources to avoid falling victim to refund scams. This exploit occurred nearly four days after a hacker stole approximately $24,000 from four different addresses linked to the decentralized finance (DeFi) aggregator ParaSwap. Despite this, ParaSwap managed to recover the funds and initiated the refunding process for affected users. With the assistance of white hat hackers, ParaSwap successfully resolved the issue and revoked permissions for the vulnerable AugustusV6 smart contract.
In total, ParaSwap revealed that 386 addresses were impacted by the vulnerability, with 213 addresses yet to revoke allowances for the flawed contract as of March 25.
Stay informed with daily updates from Blockchain Magazine on Google News. Click here to follow us and mark as favorite: [Blockchain Magazine on Google News].
Get Blockchain Insights In Inbox
Stay ahead of the curve with expert analysis and market updates.
latest from tech
Disclaimer: Any post shared by a third-party agency are sponsored and Blockchain Magazine has no views on any such posts. The views and opinions expressed in this post are those of the clients and do not necessarily reflect the official policy or position of Blockchain Magazine. The information provided in this post is for informational purposes only and should not be considered as financial, investment, or professional advice. Blockchain Magazine does not endorse or promote any specific products, services, or companies mentioned in this posts. Readers are encouraged to conduct their own research and consult with a qualified professional before making any financial decisions.