Allbridge exploiter returns most of the $573K stolen in attack
A large portion of the roughly $573,000 pilfered from the multichain token bridge Allbridge has been returned after the exploiter seemingly took up the project’s offer for a white hat bounty and no legal retaliation.
Allbridge tweeted on April 3 that it received a message from an individual and 1,500 BNB (BNB), worth around $465,000, was returned to the project.
"The remaining funds will be considered a white hat bounty to this person," Allbridge said.
Update on the exploit
1/ Our team was contacted by the owner of https://t.co/EW1uxXBQpD.
1500 BNB was returned to our team. The remaining funds will be considered a white hat bounty to this person.
— Allbridge (@Allbridge_io) April 3, 2023It explained that all the "received BNB" wa then converted to the stablecoin Binance USD (BUSD) to be used as compensation.
Blockchain security firm Peckshield first identified the attack carried out on April 1, warning Allbridge in a tweet that its BNB Chain pools swap price was being manipulated by an individual acting as a liquidity provider and swapper.
Following the exploit Allbridge offered the attacker a bounty and the chance to escape any legal ramifications.
Allbridge has yet to publicly disclose how much was stolen, but blockchain security firm CertiK said the sum is close to $550,000 while PeckSheild said the exploit netted $282,889 in BUSD and $290,868 worth of Tether (USDT), totaling roughly $573,000.
Allbridge also revealed that a second address used the same exploit and shared a link to a wallet that currently contains 0.97 BNB, valued at around $300.
"We ask the second exploiter to reach out and discuss the return," Allbridge said.
Following the initial exploit, Allbridge made it clear they were hot on the trail of the stolen funds and were working with a wide variety of organizations to retrieve the stolen loot.
Related: DeFi exploits and access control hacks cost crypto investors billions in 2022: Report
BNB Chain was among those who answered the call to arms and reported in an April 2 tweet that it discovered at least one of the culprits involved through on-chain analysis.
BNB Chain has identified the Allbridge attacker following on-chain analysis. We are actively supporting the Allbridge team on the fund recovery. The Allbridge team has offered the hacker a bounty.
We'd like to recognize the effort of AvengerDAO in this recovery effort.
— BNB Chain (@BNBCHAIN) April 2, 2023According to BNB Chain it’s "actively supporting the Allbridge team on the fund recovery," and gave a shout-out to AvengerDAO for its efforts in the recovery.
Cointelegraph contacted Allbridge for further comment but did not receive an immediate response.
Magazine: US and China try to crush Binance, SBF's $40M bribe claim: Asia Express