Hacker returned 80% of the ether stolen from the Seneca protocol

The analytical company CertiK warned users about the exploit, recommending that they withdraw confirmations from the address in the Ethereum and Arbitrum networks. Initially, Seneca's losses were estimated at $ 3 million, but later it turned out that the attacker managed to steal more than 1,900 ETH worth about $6.4 million.

The exploit occurred due to a critical vulnerability of the so-called call in the protocol's smart contract. An attacker could make external requests to any address. In addition, there was no code in the contracts with which the project team was able to "set a pause". Because of this, users need to revoke permissions.

Seneca specialists reported that they are investigating the incident together with law enforcement agencies and security service providers. The developers asked the hacker to return 80% of the stolen funds, offering a reward of $ 1.2 million. The criminal will have a chance to avoid lawsuits and legal consequences.

A few hours later, the hacker returned 1537 ETH worth $5.3 million to the Ethereum address specified by the Seneca team. The hacker left himself a 20% reward, thus earning 300 ETH worth about $1 million. He then forwarded these ethers to two different addresses.

Source: https://bits.media/khaker-vernul-80-ukradennykh-iz-protokola-seneca-efirov/