Curve hacker behind $61M heist begins returning funds


A miner extractable value (MEV) bot that drained 6,106 Ether from the Curve Finance pETH-ETH pool has returned most of the funds to the JPEG’d deployer, which represents nearly all of the drained funds. This event occurred after the bot’s address sent a message on the Ethereum blockchain seeking to prove that their email address was associated with the frontrunning bot.

The Ethereum IDM negotiations that led to the partial return of funds. Source: Etherscan

The returned funds come only from the pETH-ETH Curve pool associated with the JPEG’d protocol, which was frontrun by the bot. All other exploited funds are still under the control of the attacker who initiated the exploit. The Curve team has also sent a message to the original attacker in an attempt to get the rest of the funds returned.

This is a developing story, and further information will be added as it becomes available.