An ethical hacker has returned $1.59 million to the decentralized finance (DeFi) lending platform Tender.fi after exploiting the system. The stolen funds were returned in exchange for a bounty reward of 6% of the exploit value, or approximately $97,000 in Ethereum.
Tender.fi is a decentralized platform that allows users to borrow and lend cryptocurrency assets. However, due to the complex nature of DeFi platforms, they are vulnerable to various security risks, including misconfigured oracles.
The protocol underwent an unusual amount of borrows, leading the platform to halt all lending operations. A security analyst revealed that a hacker borrowed $1.59 million worth of assets from the protocol by depositing 1 GMX token valued at $71.
The white hat hacker returned the funds to Tender.fi after completing the loan repayments. Tender.fi confirmed the exploit and the repayment on Twitter. The bounty reward was awarded to the hacker in recognition of their ethical actions.
DeFi hacks have become more common recently, raising concerns about users’ funds’ safety and security. DeFi is a blockchain-based financial system that provides an alternative to traditional finance. However, the decentralized nature of DeFi means that there is no central authority or institution to regulate or secure the system.
As a result, malicious actors can exploit vulnerabilities in smart contracts, decentralized applications, and other DeFi protocols to steal funds from users. The total value hacked in DeFi has exceeded $5 billion, according to DefiLlama, a DeFi data analytics platform.
While DeFi offers many benefits, including increased accessibility, transparency, and autonomy, it is essential to ensure that the platforms are secure and reliable. Ethical hackers can play an important role in identifying vulnerabilities and promoting trust and confidence in the DeFi ecosystem.
