UwU Lend offers a $5m bounty to whoever catches its exploiter, who has now stolen a combined $24 million from the protocol across two attacks.
The UwU Lend protocol’s development team is issuing a $5 million reward to the individual who can identify its assailant after executing a second protocol exploit.
“The repayment deadline for the funds you stole has expired.” In a June 13 on-chain message, UwU offered a five-million-dollar bounty to the first individual to identify and locate the hacker. This was in response to the hacker’s failure to transmit 80% of the stolen funds by the requested deadline of June 12 at 5:00 pm UTC.
UwU asserts that the $5 million bounty would be distributed in Ether before the recovery of funds or the filing of charges.
According to blockchain security firm Cyvers, the same intruder conducted a second $3.7 million exploit on June 13, stealing funds from UwU’s uDAI, uWETH, uLUSD, uFRAX, uCRVUSD, and uUSDT pools.
According to Cyvers, the two breaches were executed by the same hacker wallet address, “0x841…21f47.”
How the UwU Lend exploit unfolded
On June 10, the initial exploit resulted in a loss of $20.3 million due to a price manipulation attack.
UwU subsequently requested that the hacker return 80% of the funds, enabling them to retain the remaining 20%. Additionally, it guaranteed the perpetrator that they would discontinue their legal proceedings.
Nevertheless, the hacker did not respond and executed the second $3.7 million exploit shortly before UwU announced the $5 million bounty.
The second exploit transpired as UwU was commencing to reimburse victims for the initial $20.3 million exploit, which resulted from a price manipulation attack.
According to a post on UwU Lend X, victims have already received $9.7 million in compensation.
CoinGecko reports that the UWU Lend token (UWU) has declined by 20% to $2.51 over the past week despite losing $24 million.
It currently has a market capitalization of $22.6 billion.
A recent report from Crystal Intelligence indicates that nearly $19 billion in cryptocurrencies have been stolen since the first industry hack was disclosed in June 2011.
