It took Munchables hacker (Munchables developer) nearly 8 hours to change his mind and return $62.8 million worth of Ethereum Stolen without asking for ransom.
On March 26, at approximately 9:30 PM UTC, Ethereum-based non-fungible token (NFT) game Munchables reported a hack that resulted in the loss of over 17,400 ETH from the GameFi application.
Munchables, along with blockchain investigators such as PeckShield and ZachXBT, began tracking the movement of stolen funds in an attempt to intercept them. ZachXBT claims that the vulnerability stems from the Munchables team hiring a North Korean developer who goes by the alias "Werewolves0943."
At 4:40am UTC on March 27, Munchables confirmed that the hacker was one of its developers. After an hour of negotiations, the former developer agreed to return the stolen funds. Munchables said in an official statement:
"Munchables developers have shared all private keys involved to assist in the recovery of user funds. Specifically, the key holding $62,535,441.24, the key holding 73 WETH, and the owner key containing the remaining funds."
The creator of Ethereum layer 2 blockchain Blast, who goes by the pseudonym Pacman, thanked ZachXBT for his support and announced that “the former Munchables developer has chosen to eventually return all funds without any ransom.” Since Munchables is built on the Blast blockchain, Pacman will work with the Munchables team to help redistribute the stolen (and now recovered) funds.
In the meantime, victims of hacks are advised to ensure they only follow communications from official sources to avoid falling for chargeback scams. Since Munchables is built on the Blast blockchain, Pacman will work with the Munchables team to help redistribute the stolen (and now recovered) funds.
In the meantime, hacking victims are advised to ensure they only follow communications from official sources to avoid falling for chargeback scams. ParaSwap successfully resolved the issue with the help of white hat hackers and revoked the permissions of the vulnerable AugustusV6 smart contract.
In total, ParaSwap revealed that 386 addresses were affected by the vulnerability. However, as of March 25, there were still 213 addresses that had not yet had their subsidies revoked on the flawed contracts.
