The Munchables hacker, who recently exploited a weakness in the protocol and drained more than $62 million worth of Ether (eth), returned the keys containing the stolen funds.
According to blockchain detective ZachXBT, the hacker allegedly worked as a developer at Munchables and has possible ties to North Korea.
Munchables loses more than $62 million in eth
Munchables, a Web3 gaming protocol on the Blast network, suffered an exploit on Tuesday, March 26, resulting in a loss of over $62 million. The team behind the project revealed in an X post that the platform was engaged while they made efforts to track the hacker's movement and stop the transactions.
In response to Munchables' post, ZachXBT showed that the explorer address was approximately 17,415 eth (worth $62.25 million based on the current Ether price). ZachXBT further claimed that the attack was carried out by an informant, a suspect North Korean developer supposedly hired by the Munchables team, under the alias “Werewolves0493” on GitHub.
Meanwhile, the Solidity developer, who goes by the username 0xQuit on X, said in a post that the attack on Munchables was planned From the beginning. According to the developer,
“The scammer used manual manipulation of storage slots to allocate a huge balance of Ether to himself before changing the contract implementation to one that looked legitimate. Then he simply cashed out that balance once TVL was juicy enough.”
Shortly before the hack, the total value locked (TVL) on Munchables was over $96 million, according to data from DeFiLlama. Following the incident, the project's TVL was reduced to $34 million.
A change of heart?
However, things took a different turn on Wednesday, March 27, when Munchables, in an update, revealed that the rogue developer agreed to share and eventually shared the private keys containing all the funds without setting any conditions.
The Munchables developer has shared all the private keys involved to help recover the user's funds. Specifically, the key containing $62,535,441.24 USD, the key containing 73 WETH, and the owner's key containing the rest of the funds.
— Munchables (@_munchables_) March 27, 2024
Tiesshun Roquerre, known as Pacman, who is behind Blast, ethereum's layer 2 network and also the non-fungible token (nft) marketplace Blur, said in an X post: “Blast's core contributors have secured 97 million in a multisig”.
Pacman noted that the former developer agreed to return the fund without ransom and stated that efforts were being made to safely redistribute the funds to users.
Blast's top contributors have secured $97 million in a multi-signature. I got an incredible boost in the background, but I'm grateful that the former Munchables developer chose to return all funds in the end without needing any ransom. @_munchables_ and protocols that are integrated with it such as @jugo_finanzas…
—Pacman | Blur + Explosion (@PacmanBlur) March 27, 2024
Before the developer returned the funds, there were calls from X users asking Blast to revert their chain, which means rewinding the blockchain before the incident occurred, which, in this case, will undo the hack.
However, this activity is considered the antithesis of decentralization, since blockchain transactions are supposed to be irrevocable. Furthermore, Blast is seen as not being sufficiently decentralizedsince it is controlled by 3/5 multisig.
LIMITED OFFER 2024 for CryptoPotato readers on Bybit: Use this link to register and open a $500 btc-USDT position on the Bybit Exchange for free!
<!– ai CONTENT END 1 –>
