The Munchables hacker, who recently exploited a weakness in the protocol and drained more than $62 million worth of Ether (ETH), has returned the keys holding the stolen funds.
According to blockchain sleuth ZachXBT, the hacker allegedly worked as a developer on Munchables and has possible ties to North Korea.
Munchables Loses Over $62 Million in ETH
Munchables, a Web3 gaming protocol on the Blast network, suffered an exploit on Tuesday, March 26, which led to the loss of over $62 million. The team behind the project revealed in an X post that the platform was compromised while they were making efforts to track the hacker’s movement and halt transactions.
In response to Munchables’ post, ZachXBT showed that the explorer’s address held about 17,415 ETH (worth $62.25 million based on Ether’s current price). ZachXBT further stated that the attack was carried out by an insider, a suspected North Korean developer allegedly hired by the Munchables team, with the alias “Werewolves0493” on GitHub.
Meanwhile, Solidity developer, who goes by the username 0xQuit on X, said in a post that the attack on Munchables was planned from the beginning. According to the developer,
“The scammer used manual manipulation of storage slots to assign himself an enormous Ether balance before changing the contract implementation to one that appears legit. Then he simply withdrew that balance once TVL was juicy enough.”
Shortly before the hack, the total value locked (TVL) on Munchables was over $96 million, according to data from DeFiLlama. Following the incident, the project’s TVL dropped to $34 million.
A Change of Heart?
However, things took a different turn on Wednesday, March 27, when Munchables, in an update, revealed that the rogue developer agreed to share and has eventually shared the private keys holding all funds without stating any conditions.
The Munchables developer has shared all private keys involved to assist in recovering the user funds. Specifically, the key which holds $62,535,441.24 USD, the key which holds 73 WETH, and the owner key which contains the rest of the funds.
— Munchables (@_munchables_) March 27, 2024
Tiesshun Roquerre, known as Pacman, who is behind the Ethereum layer 2 network Blast and also the non-fungible token (NFT) marketplace Blur, said in an X post, “97 million has been secured in a multisig by Blast core contributors.”
Pacman noted that the ex-developer agreed to return the fund without ransom while stating that there were efforts to safely redistribute the funds to users.
$97m has been secured in a multisig by Blast core contributors. Took an incredible lift in the background but I’m grateful the ex munchables dev opted to return all funds in the end without any ransom required. @_munchables_ and protocols integrating with it like @juice_finance…
— Pacman | Blur + Blast (@PacmanBlur) March 27, 2024
Before the developer returned the funds, there were calls from users on X asking Blast to roll back their chain — which means rewinding the blockchain before when the incident occurred, which, in this case, will undo the hack.
However, this activity is seen as antithetical to decentralization, as blockchain transactions are supposed to be irrevocable. Also, Blast is seen as not being sufficiently decentralized, as it is controlled by 3/5 multisig.