A roughly $12 Million cryptocurrency is stolen by hackers from Harvest Finance. Harvest Finance is a web portal that allows you to invest in cryptocurrencies. However, the hackers have returned $2.5 million.
Defi Protocol Harvest Finance Hacked for $24 Million
And the authors of Harvest Finance has kept a reward of $100,000 for whoever returns the funds back. The funds are hacked from the decentralized finance (DeFi) service Harvest Finance.
A day before, the hackers have hacked the service, and immediately the Harvest Finance administrators have confirmed the news. The administrators have posted a tweet on the official Twitter account and on the Discord channel.
As per the messages by the administrators, the hacker has stolen a huge amount of cryptocurrency assets. After that, the hacker used a cryptographic exploit to steal the funds of the site.
According to the reports on zdnet, the hacker has stolen USD Coin $13 million and USDT $11 Million. The administrators of Harvest Finance have signed out a Transaction ID in the investigation and gave these reports.
Instantly, after the attack, the hacker returned $2.5 million back, but the reason is still not known why the hacker has done this.
We made an engineering mistake, we own up to it. Thousands of people are acting as collateral damage
— Harvest Finance (@harvest_finance) October 26, 2020
The company has posted a message on the Discord channel, where it says the attack has left personally identifiable information and said that the hacker is well-known in the crypto community.
A tweet posted by Harvest Finance says the attack was made because of a mistake on its part, and the attacker got a chance to return the funds without any problem.
The company said,
“We made an engineering mistake, we own up to it. We do not have any interest in doxxing the attacker […]. People should have their privacy,” the company added. “You’ve proven your point. If you can return the funds to the users, it would be greatly appreciated by the community, and let’s move on.”
Harvest Finance company said, “Please do not doxx the attacker in the process. We strongly advise to focus all efforts on ensuring that user funds are successfully returned to the deployer”.
Now, the company has kept a reward to anyone who will find a way to get back the stolen funds. First, the company offered a $400,000 reward, and then it was lowered to $100,0000.