Munchables Hacker Returns Stolen Crypto Funds Worth Over $62 Million

The NFT Unicorn hacker_steal_cover Munchables Hacker Returns Stolen Crypto Funds Worth Over $62 Million Crypto News

The Munchables hacker, who recently exploited a weakness in the protocol and drained more than $62 million worth of Ether (ETH), has returned the keys holding the stolen funds.

According to blockchain sleuth ZachXBT, the hacker allegedly worked as a developer on Munchables and has possible ties to North Korea.

Munchables Loses Over $62 Million in ETH

Munchables, a Web3 gaming protocol on the Blast network, suffered an exploit on Tuesday, March 26, which led to the loss of over $62 million. The team behind the project revealed in an X post that the platform was compromised while they were making efforts to track the hacker’s movement and halt transactions.

In response to Munchables’ post, ZachXBT showed that the explorer’s address held about 17,415 ETH (worth $62.25 million based on Ether’s current price). ZachXBT further stated that the attack was carried out by an insider, a suspected North Korean developer allegedly hired by the Munchables team, with the alias “Werewolves0493” on GitHub.

Meanwhile, Solidity developer, who goes by the username 0xQuit on X, said in a post that the attack on Munchables was planned from the beginning. According to the developer,

“The scammer used manual manipulation of storage slots to assign himself an enormous Ether balance before changing the contract implementation to one that appears legit. Then he simply withdrew that balance once TVL was juicy enough.”

Shortly before the hack, the total value locked (TVL) on Munchables was over $96 million, according to data from DeFiLlama. Following the incident, the project’s TVL dropped to $34 million.

A Change of Heart?

However, things took a different turn on Wednesday, March 27, when Munchables, in an update, revealed that the rogue developer agreed to share and has eventually shared the private keys holding all funds without stating any conditions.

Tiesshun Roquerre, known as Pacman, who is behind the Ethereum layer 2 network Blast and also the non-fungible token (NFT) marketplace Blur, said in an X post, “97 million has been secured in a multisig by Blast core contributors.”

Pacman noted that the ex-developer agreed to return the fund without ransom while stating that there were efforts to safely redistribute the funds to users.

Before the developer returned the funds, there were calls from users on X asking Blast to roll back their chain — which means rewinding the blockchain before when the incident occurred, which, in this case, will undo the hack.

However, this activity is seen as antithetical to decentralization, as blockchain transactions are supposed to be irrevocable. Also, Blast is seen as not being sufficiently decentralized, as it is controlled by 3/5 multisig.

SPECIAL OFFER (Sponsored)

LIMITED OFFER 2024 for CryptoPotato readers at Bybit: Use this link to register and open a $500 BTC-USDT position on Bybit Exchange for free!



Source: CryptoPotato