The Munchables hacker, a developer for the Ethereum-based nonfungible token (NFT) game, had a change of heart after nearly eight hours and returned $62.8 million worth of Ether that had been taken in an exploit without requesting a ransom. The hack, which occurred on March 26, saw over 17,400 ETH stolen from the GameFi app.
The Munchables team worked tirelessly to track the stolen funds and collaborated with blockchain detectives to identify the hacker. It was revealed that the exploit was caused by a North Korean engineer employed by the team, known as “Werewolves0943.”
Solidity developer 0xQuit explained that the hack was premeditated, with one of the developers updating the Lock contract just before launch, allowing the attacker to assign themselves a balance of 1,000,000 Ether.
After the hacker was identified as one of the developers, negotiations ensued, and eventually, the former developer decided to return all the stolen funds. The Munchables team expressed gratitude for the return of the funds and stated that they would work with Blast core contributors to disperse the recovered money.
In a separate incident, decentralized finance aggregator ParaSwap was also targeted by a hacker, resulting in the compromise of several addresses and the theft of approximately $24,000. With the help of white hat hackers, ParaSwap was able to rectify the issue and reimburse affected users.
The Munchables and ParaSwap incidents serve as a reminder of the importance of cybersecurity in the crypto space and the need for vigilance to prevent such exploits in the future. Hack victims are advised to only follow correspondence from official sources to avoid falling for reimbursement scams.