Sorry and you’re welcome... Hackers stole $9M from DeFi protocol Crema Finance over the weekend. But in a world full of crypto heists, the real surprise is what came next: they returned all but $1.7M of it. It wasn’t sheer generosity: in return for most of the stolen funds, Crema called the $1.7M a "white-hat bounty” (aka: a non-criminal reward for finding a security flaw). A trend is emerging where hackers steal crypto only to return a large portion. We’re calling it “hack to return.”
All carrot, no stick... Crypto exchanges, platforms, and protocols that find themselves on the receiving end of hacks are trying a new approach to getting their money back: asking nicely. It sounds odd, but hackers are increasingly on board — that’s because making a deal often means being let off as a flaw-finder instead of hunted as a criminal:
It's getting harder to clean dirty crypto... Blockchain analytics companies like Chainalysis are getting better at tracking stolen funds, making it difficult for hackers to launder and anonymously cash out. (Just ask "financial rapper” Razzlekhan, arrested in connection with a $4.5B crypto heist in February.) The hack-to-return trend is an outcome of a $945B industry that's seemingly easy to rob, but whose unofficial cops never lose sight of the getaway car. Sometimes it's easier for hackers to toss most of the cash out the window, and keep what they can move with.