UwU Lend Offers $5M Bounty in Ether to Identify Attacker After Second Exploit
UwU Lend, a decentralized finance (DeFi) protocol, has announced a $5 million bounty in Ether (ETH) for anyone who can identify and locate the attacker responsible for its recent exploits.
The bounty was announced on June 13 in an on-chain message after the hacker failed to return the stolen funds by the negotiated deadline of June 12, 5:00 pm UTC.
Notably, UwU Lend had initially requested the attacker return 80% of the stolen funds from the first attack by the deadline. Despite these efforts, the attacker launched another exploit on June 13, stealing more from UwU Lend’s pools.
$24 Million in Total Theft: UwU Lend Offers $5 Million Bounty in Ether
UwU Lend has suffered two significant exploits, resulting in a total theft of $24 million. The most recent attack, on June 13, saw the hacker steal $3.7 million from UwU’s uDAI, uWETH, uLUSD, uFRAX, uCRVUSD, and uUSDT pools.
This followed a previous attack on June 10, where $20.3 million was drained through a price manipulation exploit. Following the first attack, UwU Lend had requested the hacker return 80% of the stolen funds, promising no legal action if the request was honored.
However, the hacker did not respond and proceeded with a second exploit on June 13, stealing an additional $3.7 million. Blockchain security firm Cyvers identified that the same hacker executed both attacks using the wallet address “0x841…21f47.”
In response to the second attack, UwU Lend issued an on-chain message to the hacker:
“Repayment deadline for the funds you stole has passed. $5 million bounty to the first person to identify and locate you.”
UwU further claimed that the $5 million bounty would be in Ether and would be paid out before any funds are recovered or charges are laid. Despite these attacks, UwU Lend has reimbursed victims from the first exploit, with over $9.7 million already repaid, according to a recent post on X.
Repaid so far:
• 3,522,427 $DAI
• 233,819 $crvUSD
• 4,225,000 $USDT
• 481.36 $wETH ($1,734,042)
Total: $9,715,288𝘛𝘩𝘢𝘯𝘬 𝘺𝘰𝘶 𝘧𝘰𝘳 𝘺𝘰𝘶𝘳 𝘤𝘰𝘯𝘵𝘪𝘯𝘶𝘦𝘥 𝘴𝘶𝘱𝘱𝘰𝘳𝘵 𝘢𝘯𝘥 𝘵𝘳𝘶𝘴𝘵! 💙#FundsAreUwU
— UwU Lend (@UwU_Lend) June 13, 2024
Crypto Hacks On The Rise
According to a recent report by Immunefi, the crypto industry saw approximately $473.22 million in losses from 108 incidents in May 2024. This represents a 12% decrease from May 2023 and a 28% decrease from the previous month.
A June 13 threat intelligence report from Google Cloud has also exposed a significant wave of cyberattacks by North Korean hackers targeting cryptocurrency exchanges, fintech companies, and individuals in Brazil. The report identifies the North Korean hacking group Pukchong (also known as UNC4899) as the primary culprit. It used malicious software disguised as a crypto price tracker to gain control over victims’ systems.
North Korean groups have been specifically targeting Brazil’s cryptocurrency firms and various sectors, such as aerospace, defense, and government entities. Other North Korean hacking groups, such as GoPix and URSA, also actively target Brazilian cryptocurrency firms with similar malware attacks.
