This case involves a decentralized finance (DeFi) platform that suffered an exploit where an attacker drained $20 million in liquidity.
- The Scam: An attacker exploited a smart contract vulnerability to siphon assets into a private wallet.
- The Recovery: Instead of a traditional police chase, the protocol’s security team sent an on-chain message to the hacker, offering a 10% “white hat” bounty and immunity from prosecution if the funds were returned. Surprisingly, the hacker agreed. After keeping $2 million as a legal bounty, they returned $18 million to the protocol, which was then redistributed to the affected investors.