Crypto hackers steal $9M, then give most of it back, in the latest instance of “hack to return”

Friday, July 8, 2022 by Robinhood Snacks |

Sorry and you’re welcome... Hackers stole $9M from DeFi protocol Crema Finance over the weekend. But in a world full of crypto heists, the real surprise is what came next: they returned all but $1.7M of it. It wasn’t sheer generosity: in return for most of the stolen funds, Crema called the $1.7M a "white-hat bounty” (aka: a non-criminal reward for finding a security flaw). A trend is emerging where hackers steal crypto only to return a large portion. We’re calling it “hack to return.”

All carrot, no stick... Crypto exchanges, platforms, and protocols that find themselves on the receiving end of hacks are trying a new approach to getting their money back: asking nicely. It sounds odd, but hackers are increasingly on board — that’s because making a deal often means being let off as a flaw-finder instead of hunted as a criminal:

  • Optimist: Hackers stole $16M worth of tokens from an ethereum layer 2 called Optimism in June, but later returned $14M worth, keeping the rest as a bounty.
  • Altruist? A hacker stole $600M from the Poly Network in August, but gave it back in return for a promised $500K bounty (the nickname: "Mr. White Hat").

It's getting harder to clean dirty crypto... Blockchain analytics companies like Chainalysis are getting better at tracking stolen funds, making it difficult for hackers to launder and anonymously cash out. (Just ask "financial rapper” Razzlekhan, arrested in connection with a $4.5B crypto heist in February.) The hack-to-return trend is an outcome of a $945B industry that's seemingly easy to rob, but whose unofficial cops never lose sight of the getaway car. Sometimes it's easier for hackers to toss most of the cash out the window, and keep what they can move with.