UwU Lend Announces $5 Million Bounty for Identifying The Hacker

Following two separate attacks, the Uwu Lend exploit has reached $24 million in stolen funds. The findings indicate that the same hacker masterminded both exploits.

The hacker is still yet to be identified, and UwU Lend has released a $5 million bounty for whoever helps catch the criminal.

UwU Lend Moves to Catch Hacker and Recover Stolen Funds

Following the $24 million exploitation, UwU Lend's team is trying to recover stolen funds. UwU Lend sent an on-chain message to the exploiter, noting that the repayment deadline had passed. The message also stated that anyone who identified the hacker would have a $5 million bounty.

It's worth noting that the protocol had requested the hacker return 80% of the stolen funds and keep 20%. UwU gave the exploiter a deadline of 5:00 p.m. UTC on June 12 to return the funds.

Also, the protocol promised to drop the case and never press charges should the exploiter comply with requests. However, the hacker has made no effort to return the funds.

UwU said it would pay the $5 million bounty in Ether before the stolen funds are recovered. It's worth mentioning that the lending protocol was trying to repay the hack victims before the second attack occurred.

According to a June 13 announcement on X, the protocol had repaid all the Wrapped Ether (wETH) debts, which amounted to 481.36 ETH (approximately $1.7 million). It also repaid 4.23 million USDT, 233,819 crvUSD, and 3.5 million DAI, bringing the reimbursement total to over $9.7 million.

Moreover, the lend protocol said a vulnerability in the USDe Market Oracle caused the exploit. However, this vulnerability has been handled, and auditors have reviewed the markets with no security concerns detected.

How UwU Lend Lost $24 Million to Hackers Within Four Days?

DeFi lending platform UwU Lend witnessed two hacks, which resulted in the loss of approximately $24 million in crypto assets.

The reports show thatthe first incident happened on June 10, when the hacker siphoned $20.3 million in cryptocurrencies through a price manipulation scheme.

The second attack occurred on June 13, when the hacker disappeared with $3.7 million in crypto from multiple lending pools on UwU lend. According to Cyvers Alerts, the lending pools affected include uDAI, uLUSD, uFRAX, uCRVUSD, and uUSDT.

According to the report, the exploiter used a flash loan to exchange USDe tokens for other cryptocurrencies, causing disparities in the price of Ethena Staked USDe (SUSDE) and Ethena USDe (USDE).

The hacker later deposited the funds on UwU Lend and borrowed more SUSDE than expected, triggering an uptick in the price of USDE. Similarly, they deposited SUSDE to UwU and borrowed a considerable amount of Curve DAO (CRV), exceeding the expected amount.

Following the transactions, the hacker converted the stolen funds to ETH, which amounted to over $20 million for the first attack. The UwU Lend exploiter stole approximately $24 million from the DeFi protocol through the two attacks.

The post UwU Lend Announces $5 Million Bounty for Identifying The Hacker appeared first on The Tech Report.