SafeMoon developers are going to let the attacker keep 20% of exploited crypto.
According to an on-chain statement from the SafeMoon team on April 18, the attacker who stole $8.9 million in Binance Coin (BNB) from SafeMoon has agreed to a deal to refund 80% of the funds.
Breaking News: #SafeMoon has struck a deal with the “hacker”
80% LP return imminent.
20% bounty for “hacker”
And no charges pressed
Now, back to your regularly scheduled program. 🔥🚀 pic.twitter.com/x94fSb4EoP
— SafeMoonSpidey.sfm ⎷ (@SafeMoonSpidey) April 18, 2023
SafeMoon is a decentralized finance (DeFi) protocol that operates on the BNB Chain. On March 28, it was hacked and lost 27,000 BNB, approximately $8.9 million at the time.
The SafeMoon Deployer account posted a transaction to the BNB network on April 18 at 1:19 PM UTC with the attacker’s address as the recipient of the money. The transaction included the following message, encoded in 8-bit Unicode Transformation Format (UTF-8):
“SafeMoon and the party holding the funds currently have an agreement. SafeMoon has specifically agreed to accept 80% of the funds back, with the other party keeping the remaining 20% as a bounty. Additionally, SafeMoon has promised not to take legal action against them. This is thought to be in the best interest of SafeMoon and the community after a thorough analysis of the circumstances.”
The encoded message is the most recent interaction between the SafeMoon team and the attacker in their negotiations. On March 29, the attacker stated that they had mistakenly drained the funds from the account.
On the same day, the team responded and requested the attacker provide a Telegram handle where they might be reached. The attacker provided an anonymous Outlook email address rather than a Telegram handle. The team then said, “Email message sent. 12:33 UTC.”
There was no more blockchain communication between the two sides until April 18, when a message confirmed that the agreement had been made.
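The messages described above travel as UTF-8 text in a transaction's input data, next to ordinary contract calls and plain transfers. The following Python is an added example, not code from the article or from SafeMoon: it picks the human-readable messages out of a set of transactions between two parties and orders them into a timeline. The addresses are placeholders and the records are constructed sample data; only the two message texts and the April 18 time are taken from the article.

```python
# Added example: constructed sample data, placeholder addresses (not real chain data).
DEPLOYER = "0xDEPLOYER_PLACEHOLDER"
ATTACKER = "0xATTACKER_PLACEHOLDER"
TOKEN = "0xTOKEN_PLACEHOLDER"

def to_input_hex(text):
    """Build input data the way a text message appears on-chain: hex of UTF-8 bytes."""
    return "0x" + text.encode("utf-8").hex()

SAMPLE_TXS = [
    {"time": "2023-04-18T13:19:00Z", "from": DEPLOYER, "to": ATTACKER,
     "input": to_input_hex("SafeMoon and the party holding the funds currently have an agreement.")},
    {"time": "2023-03-29T12:33:00Z", "from": DEPLOYER, "to": ATTACKER,
     "input": to_input_hex("Email message sent. 12:33 UTC.")},
    # Contract call (ERC-20 transfer selector + ABI words): binary, not a message.
    {"time": "2023-03-28T19:00:00Z", "from": ATTACKER, "to": TOKEN,
     "input": "0xa9059cbb" + "00" * 31 + "01" + "00" * 31 + "ff"},
    # Plain value transfer between the parties: empty input data.
    {"time": "2023-03-30T08:00:00Z", "from": ATTACKER, "to": DEPLOYER, "input": "0x"},
]

def decode_text_payload(input_hex):
    """Return the message if the input data is printable UTF-8 text, else None."""
    raw = input_hex[2:] if input_hex.startswith("0x") else input_hex
    try:
        text = bytes.fromhex(raw).decode("utf-8", errors="strict")
    except ValueError:  # bad hex or invalid UTF-8 (UnicodeDecodeError is a ValueError)
        return None
    # Valid UTF-8 is not enough: ABI data can decode to NUL/control characters.
    if not text or not all(ch.isprintable() or ch in "\r\n\t" for ch in text):
        return None
    return text

def message_timeline(txs, parties):
    """Chronological (time, sender, text) rows for text messages between the parties."""
    rows = []
    for tx in txs:
        if tx["from"] in parties and tx["to"] in parties:
            text = decode_text_payload(tx["input"])
            if text is not None:
                rows.append((tx["time"], tx["from"], text))
    return sorted(rows)

if __name__ == "__main__":
    for time, sender, text in message_timeline(SAMPLE_TXS, {DEPLOYER, ATTACKER}):
        print(time, sender, text)
```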
Recently, it has become normal practice to compromise DeFi protocols and negotiate to keep some funds. On April 4, the attacker who had previously stolen over $196 million from Euler Finance apologized and returned almost all of the funds that they had taken. On April 6, the hacker who had stolen $967,000 in cryptocurrency from Sentiment handed back almost 90% of it when the team permitted them to keep the rest.
To encourage hackers to report flaws rather than exploit them, several Web3 developers have proposed that bug bounties should be larger and that development teams should be more diligent about paying them.