Decentralized finance (DeFi) platform Harvest Finance is in the spotlight after being targeted by an alleged cyber-attacker who managed to drain $24 million from its pools in just seven minutes. The attacker reportedly cashed out the stolen cryptocurrency into a virtual wallet using renBTC and Tornado.
The Harvest Finance team, who choose to remain anonymous, revealed that the hacker manipulated Stablecoin prices on Curve Finance, a DeFi protocol that interacts with Harvest Finance contracts, to carry out the attack. In response to the incident, Harvest Finance assured users that they were actively working to mitigate the economic impact of the attack on the affected pools.
Interestingly, the attacker returned a portion of the stolen funds, amounting to around $2.5 million in Tether (USDT) and USD Coin (USDC), to the deployer. Harvest Finance announced that this money would be redistributed to the affected depositors based on a snapshot of the pools.
In a bid to track down the alleged hacker, Harvest Finance took to Twitter to share 10 BTC addresses associated with the attacker and requested major cryptocurrency exchanges to blacklist them. The protocol claimed to have uncovered some clues about the hacker’s identity and decided to offer a $100,000 reward to anyone who could help in contacting the attacker and facilitating the return of the stolen funds to the deployer address.
Despite the severity of the attack, Harvest Finance made it clear that they were not seeking retribution against the hacker. In a tweet directed at the attacker, the protocol expressed respect for their skills and ingenuity, urging them to return the funds to the affected users.
The incident serves as a reminder of the inherent risks in the DeFi space and the importance of robust security measures to protect users’ funds. Harvest Finance’s proactive response to the attack demonstrates their commitment to addressing the issue and safeguarding the interests of their community.