5 recent instances where crypto hackers returned stolen funds in exchange for a bug bounty

Nomad is a cross-chain protocol that enables the cheap and secure transfer of tokens and data between the Ethereum, Avalanche, Evmos, Milkomeda C1, and Moonbeam networks. On August 3, Nomad became the victim of a $190 million theft after hackers were able to exploit vulnerabilities in the platform's smart contracts.

The thing that made the attack unique was that, after the hacker's initial exploit, several users copied the modus operandi and got away with large amounts of tokens. However, once Nomad announced a 10 percent bug bounty for anyone who returned the stolen funds, several individuals began sending in their ill-gotten funds.

As per a Coinbase report on the hack, Nomad had recovered 17 percent of the stolen funds as of August 9. The platform also promised not to initiate legal proceedings against those who returned at least 90 percent of the funds they stole.

Optimism is a layer-2 smart contract platform that enables quick, low-cost Ethereum transactions. On June 1, the platform lost 20 million Optimism governance tokens (OP) to a hacker. At the time, the haul was worth nearly $35 million. Fortunately for Optimism, the hacker was a Whitehat and agreed to return most of the stolen funds.

On June 10, the anonymous attacker returned 17 million of the stolen tokens in 17 intervals of 1 million tokens each. He also sent 1 million OP to Ethereum co-founder Vitalik Buterin, which was also recovered in due time. The remaining 2 million tokens were granted to the hacker as a bug bounty.

On October 1, Transit Swap, a decentralized exchange (DEX) aggregator, was looted to the tune of $23 million after a hacker exploited an internal bug on the platform's swap contract. Shortly after discovering the exploit, the Transit Swap Finance team swung into action with security companies like Peckshield, SlowMist, Bitrace and TokenPocket.

Thanks to their speedy efforts, they were able to ascertain several details relating to the hackers and were getting closer by the moment. And so, with authorities hot on their heels, the hackers were forced to start returning the stolen funds. Transit Swap was able to recover around $19 worth of tokens from the attackers while negotiations continued to recover the rest.

One of the attackers promised to return additional funds, provided that Transit Swap allowed him to retain 10 percent of the loot. However, this seems unlikely, as Transit Swap said it could "seek the intervention of law enforcement agencies" to recover all remaining funds.

On July 2, Crema Finance, a DeFi protocol built on the Solana blockchain, became the target of hackers, who drained the platform of tokens worth $ 9.6 million at the time. The platform was forced to suspend operations and partnered with the blockchain security firm, Ottersec, to trace the stolen funds.

A few days later, Crema Finance announced that it had begun negotiations with the hacker, who had agreed to return most of the funds in exchange for a bug bounty. As per the deal, the hacker was supposed to retain an $800,000 bounty and return the rest of the funds.

Crema Finance said it would begin legal proceedings if the perpetrator refused the offer. However, in a surprising turn of events, the attacker held onto a much larger chunk of the funds, around $1.7 million, and returned nearly $8 million. However, Crema Finance seemed happy with the settlement and said they wouldn't take legal action against the hacker.

In August 2021, the Poly Network suffered what was a record-breaking hack at the time, amounting to a loss of tokens worth more than $610 million. The stolen asset included a mix of tokens such as ETH, BNB, DAI, USDT, BUSD, UNI, SHIB, FEI, BTCB, and more. The attacker even trolled the platform, saying it could have been a $1 billion attack.

Fortunately, a few days later, the hacker returned the entire loot. The stolen funds were recovered in two parts, with the hacker first transferring $258 million, before turning over the rest of the money. The Poly Network offered the hacker a $500,000 bug bounty, but he refused to accept it. "The poly did offer a bounty, but I have never responded to them. Instead, I will send all of their money back," said the hacker.

The prospect of making a good chunk of money without having authorities track you down is a good prospect for hackers. Also, as enforcement agencies sure up their act, hackers may be forced to return ill-gotten funds in the fear of being identified and arrested. In either case, the fact that hackers are returning stolen funds is a good sign.