Crypto Firm Akropolis Offers $200,000 Bug Bounty to Hacker Who Stole $2m

$2m in funds was stolen from Akropolis last week. Akropolis has since offered a bug bounty to the hacker who stole the crypto currency.

Gibraltar-based Akropolis was attacked on Thursday, when an individual exploited a bug in the deposit logic of its SavingsModule smart contract to make off with a little over two million in DAI virtual currency.

However, the firm’s security company PeckShield claimed to have located the attacker’s Ethereum account, where the funds were transferred to, and said it is monitoring it for any further movement.

This could make it more challenging for the attacker to launder those funds, which might be why Akropolis published an open letter to them over the weekend.

“We have not contacted any form of law enforcement to pursue a criminal investigation. We would like to propose that you return the funds of our community members within 48 hours and in return we will offer a $200,000 USD bug bounty. We will take measures to protect your identity as required,” it said.

“If you decide not to co-operate we will pursue criminal action and contact law enforcement. We hope that we can work together towards a resolution, thank you for your time.”

In the meantime, Akropolis said it has fixed the issue at a contract level, performed an internal investigation with auditors and an external one with investors and exchange partners.

An attack on another decentralized finance (DeFi) protocol firm, Harvest Finance, at the end of October led to the theft of $24m. On that occasion the firm offered a $100,000 reward for the first person to contact the attacker and help them return the funds.

Recommended:  Nearly 300 Vulnerabilities Patched by Huawei's HarmonyOS in 2022

Bookmark
Social Comments Box
Connect
Hello! I'm Steve, an independent security researcher, and analyst from Scotland, UK.

I've had an avid interest in Computers, Technology and Security since my early teens. 20 years on, and, it's a whole lot more complicated...

I've assisted Governments, Individuals and Organizations throughout the world. Including; US DOJ, NHS UK, GOV UK.

I'll often reblog infosec-related articles that I find interesting. On the RiSec website, You'll also find a variety of write-ups, tutorials and much more!
Connect
Share the word, let's increase Cybersecurity Awareness as we know it

RiSec.n0tst3

Hello! I'm Steve, an independent security researcher, and analyst from Scotland, UK. I've had an avid interest in Computers, Technology and Security since my early teens. 20 years on, and, it's a whole lot more complicated... I've assisted Governments, Individuals and Organizations throughout the world. Including; US DOJ, NHS UK, GOV UK. I'll often reblog infosec-related articles that I find interesting. On the RiSec website, You'll also find a variety of write-ups, tutorials and much more!

Leave a Reply