One of the wallets involved in the hack of Prisma Finance, a liquid staking protocol exploited for $11 million by multiple attackers on March 28, is a so-called “white hacker” interested in returning funds to the protocol. claimed. Rather than “black hat” hackers who keep the funds for themselves.
Before considering returning the funds, the hacker demanded that the Prisma Finance team hold an online press conference to publicly reveal his identity, apologize to users and investors, and praise the hacker for working together to resolve the issue.
In an on-chain message to Prisma Finance, the hacker criticized the Prisma team for failing to catch the mistake and argued that the press conference would help send a message to the entire decentralized finance space. “Hopefully this will help people get into DeFi more cautiously, make teams more accountable, and change everyone’s mind about things like this,” the hacker wrote in an on-chain message to Prisma Finance.
“After this happens we will discuss how much I will keep and how much I can send (rest assured most will be refunded),” the hacker concluded.
Sometimes hacked protocols can negotiate with attackers to recover funds. However, the hacker’s unusual demands and the transfer of more than $2.5 million in ether to blockchain mixing service Tornado Cash have left many Prisma Finance users skeptical of the hacker’s true motivations.
“This guy seems to be toying with the decision of whether or not to wear a white hat in public communications,” wrote one user on Prisma Finance’s Discord server. “He’s doing ‘Trust me’ with millions of dollars in (Tornado Cash).”
Prisma Finance suspended the protocol and published a post-mortem of the attack, illustrating the vulnerability as a lack of input validation for certain smart contract functions. “Currently, retrieving all user funds is our primary focus, but lifting the protocol pause will be part of the next step once we are confident that all locations are secure,” the team wrote.
Prisma Finance has not yet responded to the hackers and did not immediately respond to The Block’s request for comment.
Disclaimer: The Block is an independent media outlet delivering news, research and data. As of November 2023, Foresight Ventures is a majority investor in The Block. Foresight Ventures invests in other companies in the cryptocurrency space. Cryptocurrency exchange Bitget is an anchor LP of Foresight Ventures. The Block continues to operate independently to provide objective, impactful and timely information about the cryptocurrency industry. Below are our current financial disclosures.
© 2023 The Block. All rights reserved. This article is provided for informational purposes only. It is not provided or intended to be used as legal, tax, investment, financial or other advice.