Key takeaways:
- A hacker who gained access to a blockchain address with 20 million OP returned 17 million tokens today
- Previously, the hacker sold 1 million OP and sent the same amount to Ethereum founder Vitalik Buterin
- The hacker returned stolen funds in 18 separate transactions, each amounting to exactly 1 million OP
A hacker who stole 20 million OP on the day of the OP token launch has returned 17 million tokens
Yesterday, we wrote about a recent exploit that saw an anonymous attacker gain access to a blockchain address with 20 million OP tokens (worth $35 million at the time of the hack). Today, 17 million of those tokens were returned to the Optimism contract address.
Earlier this month, on the day of the launch of the Ethereum Layer 2 scaling project Optimism’s governance token OP, a hacker was able to access a blockchain address with 20 million OP tokens sent from Optimism to crypto market maker Wintermute. Since millions of dollars worth of tokens were sent to an unsynced Ethereum address from the Optimism Layer 2 network, they could not be immediately reached by the Wintermute team.
The attacker pounced at the opportunity and used his expertise to gain access to the tokens that were, for a lack of a better word, in a state of limbo. The attacker proceeded by selling 1 million OP tokens via a blockchain anonymizing service Tornado Cash, and sent 1 million tokens to a blockchain address belonging to Ethereum founder Vitalik Buterin
In the meantime, Optimism and Wintermute notified their communities about the incident. In addition, the Wintermute team issued a not so thinly veiled threat, calling on the hacker to return stolen funds or continue living in fear for the rest of its life.
It seems that the hacker has decided it is best to accept the offer. Etherscan shows that 17 separate transactions of 1 million OP each have been made in the last couple of hours. The Wintermute Exploiter Multisig wallet is now left with a balance of roughly 154 OP.