Harvest Finance Increases Bounty to $1 Million to Track the Attacker Who Stole $33.8M

So far, all that the anonymous team knows is that the attacker has an understanding of DeFi. TVL of the project since then has fallen 70%.

Early Monday, the latest decentralized finance (DeFi) project Harvest Finance, was exploited. It was estimated that $33.8 million of the funds, about 3.2% of the total value locked in the protocol before the attack, was lost.

A couple of days before the attack, the project's TVL surpassed $1 billion, which has now come down to a mere $300 million, as per DeFi Pulse. Since then, its FARM token has also lost 60% of its value, currently trading at $96.5.

To catch the attacker, the anonymous team behind the project has increased the bounty for identifying the hacker from $400,000, which had already been raised from $100k to $1 million.

Initially, the team said they know the person behind the hack, “who is well-known in the crypto community,” and they don't want to dox them. As per the latest update, all that the team knows about the hacker so far is that they have an understanding of how DeFi works.

The attacker, meanwhile, is actively “money laundering” Bitcoin through various darknet mixers and crypto exchanges, including Binance, Huobi, Kraken, and Coins.ph, according to the post mortem of the incident.

The attacker reportedly exploited the effects of impermanent loss of USDC and USDT inside the Y pool on Curve.fi repeatedly.

Following the attack, funds from the shared pools, DAI, USDC, USDT, TUSD, WBTC, and renBTC, which were “not affected,” have been withdrawn.

The Harvest Finance team further said that it is taking full responsibility for the engineering error and is now working on a remediation plan for affected users.

The possible remediation techniques the team is considering include implementing a commit-and-reveal mechanism for deposits, stricter configuration of the existing deposit arb check in the strategies, withdrawals in an underlying asset, and using oracles for determining asset price. The team stated,

“We made an engineering mistake, we own up to it. Thousands of people are acting as collateral damage, so we humbly request the attacker to return funds to the deployer, where it will be distributed back to the users in its entirety.”

Get Free Email Updates!

*Action* Enter Best Email to Get Trending Crypto News & Bitcoin Market Updates

I will never give away, trade or sell your email address. You can unsubscribe at any time.

AnTy
AnTy
AnTy has been involved in the crypto space full-time for over two years now. Before her blockchain beginnings, she worked with the NGO, Doctor Without Borders as a fundraiser and since then exploring, reading, and creating for different industry segments.

[Alert] Use the author's self-conducted information at your own risk, do you own research, never invest more than you are willing to lose.

[Disclosure] The published news and content on BitcoinExchangeGuide should never be used or taken as financial investment advice. Understand trading cryptocurrencies is a very high-risk activity which can result in significant losses. Editorial Policy \\ Investment Disclaimer

LEAVE A REPLY

Please enter your comment!
Please enter your name here

3,511FansLike
2,795FollowersFollow
4,274FollowersFollow

Live Bitcoin Price & Latest BTC Charts

Today's Latest Crypto News

BitcoinExchangeGuide is a hyper-active daily crypto news portal with care in cultivating the cryptocurrency culture with community contributors who help rewrite the bold future of blockchain finance. Subscribe on Google News, see the mission, authors, editorial links policy, investment disclaimer, privacy policy. Got News? Contact us, we are human too. Note: nothing here is financial advice, do your own research thoroughly.

Start Using Crypto Today