The person behind the Seneca Protocol hack has returned $5.3 million in Ethereum (ETH) to the Seneca workforce shortly after stealing $6.4 million in a safety validation exploit.
Per a latest disclosure from Peck Defend, a blockchain safety agency, the hacker executed a exact switch of 1,537 ETH to a Seneca deal with. On-chain knowledge substantiates this declare, indicating that the transaction occurred by means of three separate transactions.
The hacker stole 1,907 ETH throughout a breach on Feb. 28, as reported by crypto.information. The hack, which led to an enormous 65% collapse within the value of SEN, exploited a vulnerability inside a operate of the Seneca good contract.
Considerably, the operate lacked correct enter validation, permitting anybody to provoke exterior calls. The hacker first diverted 907 ETH valued at $3 million earlier than stealing 1,000 ETH tokens, distributing them equally to 2 newly created exterior wallets.
Shortly after the exploit, the Seneca workforce implored the hacker to return the funds to a newly activated deal with. Regardless of confirming ongoing collaboration with regulation enforcement, they promised to not take any authorized motion if the hacker returned 80% of the funds and stored 20% as a bounty.
Curiously, just a few hours after transferring the 1,000 ETH to the brand new wallets, the exploiter returned all tokens to the brand new Seneca deal with. This restitution took the type of two separate transactions, every amounting to 500 ETH, executed at 5:09 (UTC) on Feb. 29 from the exterior wallets.
Two minutes after sending 1,000 ETH to Seneca, the hacker transferred 537 ETH price $1.86 million to the identical Seneca deal with. The recipient deal with for these transfers was activated by the Seneca workforce on Feb. 29 and presently holds all of the returned funds.
Following the switch of the 1,537 ETH to the Seneca deal with, the first deal with concerned within the exploit then proceeded to shift 300 ETH, equal to $1.03 million, by means of two transactions to 2 distinct new exterior wallets, a transaction that might characterize the hacker’s bounty.