Four projects have obtained some $seven million price of tokens in the hacker behind the $14.5 million Team Finance exploit on March. 27. Over the past weekend, the attacker confirmed in a number of messages they would keep 10% from the stolen fund like a bounty and return another tokens towards the affected projects.
The exploiter — a self-described “whitehat” — drained assets from Team Finance with the Uniswap v2-to-v3 migration. Reported by Cointelegraph, liquidity from Uniswap v2 assets on Team Finance were used in an assailant-controlled v3 pair with skewed prices, described the blockchain security firm PeckShield.
The stolen funds incorporated USD Gold coin (USDC), CAW, TSUKA and KNDA tokens. A few of the affected tokens, for example CAW, endured steep cost declines because of the exploit and subsequent liquidity crunch.
On March. 30, Kondux, a nonfungible token (NFT) marketplace, announced it received 95% from the stolen funds, or 209 Ether (ETH), while Feg Token retrieved 548 ETH. Tsuka’s blockchain protocol also confirmed receiving over $765,000 price of the stablecoin Dai (DAI) and 11.8 million TSUKA. Caw Gold coin — the greatest victim from the exploit — received back $5 million price of DAI and 74.6 billion of their native token, CAW.
We are happy to announce we’ve received 95% from the exploited ETH back!
Please bear around within the coming 48 hrs ⏳ once we await the $KNDX to come back therefore we can plan our next move ahead. ⏩
Massive because of the community for his or her unwavering support $FEG $CAW $TSUKA
— Kondux (@Kondux_KNDX) October 30, 2022
On Twitter, the protocol advised the hacker to go into contact for any bounty payment. Based on Team Finance, it’s good contract have been formerly audited, and developers had temporarily stopped all activity around the protocol. The organization began in 2020 by TrustSwap, which supplies token liquidity locking and vesting services to project executives. The protocol claimed to possess $3 billion guaranteed across 12 blockchains.
The exploit adopted the Mango Markets attack on March. 11, whenever a hacker manipulated the need for the platform’s native token, MNGO, to attain greater prices. The attacker then required out significant loans from the inflated collateral, draining Mango’s treasury.
Following a proposal on Mango’s governance forum was approved, the hacker was permitted to help keep $47 million like a “bug bounty,” while $67 million was delivered back towards the treasury.