DeFi lending platform Sentiment has responded to a reentrancy assault that resulted within the lack of $1 million value of crypto by providing a $95,000 bounty to the hacker or anybody with info that might assist Sentiment discover and prosecute the attacker.
As earlier reported by crypto.information, the hacker exploited a vulnerability within the Sentiment sensible contract on the Arbitrum blockchain and repeatedly drained funds from the protocol earlier than its state may very well be up to date.
The Sentiment group introduced the incident on Twitter on April 5 and stated they’d paused the principle contract and restricted performance solely to permit withdrawals.
The group additionally confirmed that they’d employed third-party safety auditors to repair the difficulty, allow customers to repay money owed, and unwind their positions.
Sentiment reaches out to attacker
In an try to get well the stolen funds, the Sentiment group additionally posted a message on arbiscan.io, a block explorer for Arbitrum, providing a ten% bounty to the hacker in the event that they return the remainder of the funds.
“To the hacker: We’ll give you $95k and won’t pursue this, if you happen to return the cash by 8 am UTC 6 April. To everybody else: if the hacker has not returned the funds by the above time, we’ll give any individual that very same $95k if you happen to assist us discover and prosecute the individual liable for this theft.”
Sentiment, message to hacker.
By the point of going to press, Sentiment had but to point whether or not the hacker had responded to the message or contacted the platform.
The Sentiment hack is the newest in a collection of assaults on DeFi platforms which have uncovered the dangers and challenges of decentralized finance. The DeFi market has seen several exploits and hacks this 12 months, with tens of millions of {dollars} value of crypto belongings stolen or misplaced.
Some notable incidents embody the Euler Finance hack that resulted in almost $200 million value of losses, the Bong DAO exploit that drained $88 million value of funds, and the Platypus Finance flash loan assault the place the hacker reportedly made off with $9 million value of crypto.