In a recent post on X, renowned on-chain analyst ZachXBT unveiled crucial details that could aid in identifying the potential culprit behind the hack on Prisma Finance that occurred on March 28.
On that day, the DeFi protocol Prisma Finance fell victim to an attack on one of its smart contracts, resulting in the loss of 3257 ETH valued at $11.1 million during the incident. Prisma Finance, known for its liquid staking token-powered stablecoin solution, promptly paused its protocol post-hack, instructing users to revoke access to the compromised smart contract.
Initially, the attacker expressed interest in returning the stolen funds through a series of on-chain messages, asserting the hack was a “white-hat rescue.”
3/ At first the attacker communicated with the Prisma deployer the attack was whitehat.
Later that day all of the funds were deposited to Tornado Cash contradicting that statement.
The exploiter began making outrageous demands and asked for a $3.8M (34%) whitehat bounty
This… pic.twitter.com/vFdJCJM5mz
— ZachXBT (@zachxbt) April 16, 2024
A white-hat hacker acts ethically by identifying vulnerabilities in computer code and reporting them to the owners. However, in the crypto realm, grey-hat hackers exploit vulnerabilities, demand bounties, and then return the funds.
ZachXBT’s investigation uncovered that the attacker utilized an Arbitrum address, a Tron address, and the Bybit platform. This same individual was linked to previous hacks in Pine Protocol earlier this year and Arcade_xyz last year. Further research by ZachXBT hinted at the potential name of the hacker being “Trung,” associated with the X account @Ox77wn.
8/ I then discovered the exploiter’s address connected to the deployer of @modulusprotocol
0x77 was one of the few followers of the project strengthening the connection between each incident.
Deployer address
0x29300e694a77d913248d1761d7e4f2d81c350159 pic.twitter.com/R6pnEAg2sA— ZachXBT (@zachxbt) April 16, 2024
Prisma Finance resumed its operations on April 6 following claims of conducting a comprehensive security audit.
This development follows the sentencing of a convicted hacker involved in a decentralized exchange breach, resulting in the theft of $12 million in crypto assets.
According to bug bounty platform ImmuneFi, crypto attacks and rug pulls in Q1 2024 amounted to approximately $336.3 million.