- The Prisma attacker has connections with earlier hacks in two web3 protocols.
- Attacker within the muse claimed the attack to be a “white-hat rescue” before depositing the stolen funds to sanctioned mixer Twister Cash.
- The Prisma team has begun leveraging licensed avenues in Vietnam and Australia to apprehend the attacker.
In an X publish on Tuesday, well-liked on-chain analyst @ZachXBT revealed key recordsdata that could perchance also lead to the prospective apprehension of the attacker who hacked Prisma Finance on March 28.
Prisma attacker’s provide to advance stolen property
On March 28, DeFi protocol Prisma Finance suffered an attack on one in all its neat contracts, ensuing in a loss of 3257 ETH charge $11.1 million on the time. Prisma Finance, which claims to be a liquid staking token-powered stablecoin solution, straight halted its protocol after the hack, ordering customers to revoke obtain loyal of entry to to the neat contract.
The attacker within the muse enquired about returning the funds thru a series of on-chain messages, claiming the hack to be a “white-hat rescue.”
Also read: DEX hacker sentenced to 3 years in reformatory after stealing $12 million charge of cryptocurrency
A white-hat hacker acts ethically by discovering vulnerabilities in laptop code and reporting them to the dwelling owners. On the other hand, within the crypto situation, grey-hat hackers see for vulnerabilities, exploit them, and demand for bounties before returning the funds.
3/ On the initiating the attacker communicated with the Prisma deployer the attack develop to be once whitehat.
Later that day the full funds were deposited to Twister Cash contradicting that observation.
The exploiter began making immoral demands and asked for a $3.8M (34%) whitehat bounty
This… pic.twitter.com/vFdJCJM5mz
— ZachXBT (@zachxbt) April 16, 2024
Investigations provide a ray of hope for Prisma
An investigation by @ZachXBT revealed that the attacker leveraged an Arbitrum address, Tron address, and Bybit.
The identical attacker develop to be once linked to hacks in Pine Protocol earlier, before every little thing of the 365 days, and Arcade_xyz final 365 days.
@ZachXBT’s extra investigation revealed the hacker’s capability title to be “Trung” with the X memoir @Ox77wn
9/ Additional diagnosis develop to be once conducted with the mobile phone number, emails, and other details of the alleged exploiter.
From their posts on X it’s obvious they have gotten a solid technical background.As of now all private details were compiled and the Prisma team is pursuing each and every… pic.twitter.com/GvQIbXbxdG
— ZachXBT (@zachxbt) April 16, 2024
Prisma resumed operation on April 6 after it claimed to have implemented a security audit.
This comes after a convicted decentralized commerce hacker develop to be once sentenced to 3 years in reformatory after stealing $12 million charge of crypto property.
Crypto assaults and rug pulls in Q1 2024 reached about $336.3 million, in step with malicious program bounty platform ImmuneFi.
