Prisma Finance Hacker Says ‘Whitehat Rescue’ After $11.6 Million Exploit

The Prisma Finance hacker who stole $11.6 million from the decentralized finance (DeFi) protocol is calling the exploit a “white hat rescue” and is asking who to contact to get the money back, according to chain messages.

A white hat hacker uses their hacking skills to try to find security vulnerabilities in software code.

Attacker says ‘Whitehat Rescue' before moving funds.

Six hours after the Prisma Finance hack, the attacker sent a message saying it was a “white hat rescue” aimed at helping the platform, blockchain analytics firm Eterscan said.

The attacker used the address “0x2d4…7507a”, which was previously identified as one of those linked to the attack, and asked how to get the money back into the protocol. In response, two hours later, Prisma Finance provided contact information for negotiations.

According to blockchain security firm PeckShield, 3,257.7 ETH was stolen and sent to three different addresses.

#PeckShieldAlert The attack is ongoing and the total loss has now increased to ~3,257.7 $ETH (value ~11.6 million USD) To catch owners, please watch for announcements from official sources and beware of scams pic.twitter.com/5HYGYCROIP

— PeckShieldAlert (@PeckShieldAlert) March 28, 2024

Despite claiming good intentions, blockchain security firm Cybers noted that the attacker exchanged the stolen funds for Ether (ETH) after the message. PeckShield also later discovered that 200 Ether was transferred to an OFAC-approved Tornado Cash Transfer, a cryptocurrency mix known for obfuscating transactions and sources of funds, often used for illegal activities.

In response to the exploit, Prisma Finance has suspended its DeFi protocol and is currently investigating the root cause of the attack. The move impacted the platform, with the total value locked on their protocol dropping from $220 million to $107 million, DeFillama said.

Most crypto losses come from hacking, not fraud

According to Immunefi, a web3 security company, more than $200 million has already been lost to hacking and fraud in 32 individual incidents in the first two months of 2024. In the year In 2023, there was a total loss of $1.8 billion due to hacking and fraud, 17% of which was linked to North Korea's Lazar group.

Most of the money lost is due to hacking rather than fraud. Only $103 million was lost to clearly identifiable fraud methods, such as carpet dragging, and more than $1.6 billion was lost to hacking and exploitation. Of these losses, $1.3 billion was caused by so-called decentralized protocols, while only $409 million was lost from centralized finance (SeFi) crypto protocols.

In response to these developments, the Prisma Governance Token (PRISMA) experienced a 30% drop to $0.244 after the news. However, according to data from CoinGecko, it fell by 35% last week, after which it rose to $0.28.