Hacker praised after $27M crypto heist from Penpie DeFi protocol

The hacker responsible for stealing $27 million in crypto from the decentralized finance (DeFi) protocol Penpie received an appreciation message from a fellow criminal. 

On Sept. 3, Penpie suffered an exploit, losing digital assets worth $27 million. In response, the DeFi platform suspended the deposits and withdrawals. Less than a day after the hack, the Penpie hacker sent $7 million in assets to the crypto mixer Tornado Cash. 

A crypto mixer blends digital asset transactions with vast amounts of other funds to anonymize fund transfers. While they are used for privacy, hackers often use these services to launder their ill-gotten gains. 

Fellow hacker commends Pendle exploiter

Following the hack, the exploiter responsible for the $195 million flash loan attack on Euler Finance in March 2023 sent an onchain message to the Penpie hacker. The fellow thief praised the decision not to return the stolen funds. They wrote: 

“Good job bro. I didn’t see a hack like this for a while. I’m happy you kept all the money and didn’t let these bastards get back one dollar of what you took. You won, they lost. Good job.”

However, the Euler Finance hacker was unsuccessful in achieving the same outcome. On March 15, 2023, lending protocol sent an onchain message to the criminal, giving them a chance to keep about $20 million if 90% of the stolen funds were returned.

The protocol also threatened the hacker by stating that they would put up a $1 million reward for anyone who could provide information that could lead to an arrest. 

On April 4, the Euler Finance hacker returned all recoverable funds. This means the protocol recovered 90% of the hacked amount. After this, the Euler Foundation stopped the $1 million reward campaign effort to catch the hacker. 

Related: Euler Finance bounces back from flash loan attack, introduces modular vaults

August sees 215% rise in phishing

Over 9,000 victims lost about $63 million to crypto phishing scams in August. While the number of victims dropped compared to July, the amount stolen increased by 215%. Most of the stolen amount was attributed to one large-scale attack that led to a $55 million loss. 

On Aug. 20, a wallet owner signed a malicious transaction, transferring the ownership of 55 million Dai (DAI), allowing the scammers to get away with the funds. 

Magazine: Asia Express: WazirX hackers prepped 8 days before attack, swindlers fake fiat for USDT