Nearly Half of Stolen Digital Assets in March Recovered, PeckShield

Data from PeckShield revealed that 52.8% of the digital assets that were stolen during the month of March have been recovered.

In March, a bunch of hacking incidents led to the theft of about $187 million in digital assets across the crypto space, but blockchain security firm PeckShield reported that $98.8 million of these assets were recovered. Some of the more notable incidents included the hacking of the Munchables game and Prisma Finance, with losses initially estimated at $62 million and $11 million, respectively. Munchables managed to recover its assets, but Prisma Finance is facing a standoff with its hacker who demands public apologies.

March Madness

Almost $100 million in digital assets that were stolen in hacking incidents in March has been successfully recovered, according to data from the blockchain security firm PeckShield. The firm reported that more than 30 hacking incidents took place in March, resulting in a total loss of around $187 million in digital assets. Despite the big financial impact, PeckShield announced that 52.8% of the stolen funds, amounting to $98.8 million, were returned last month.

Among the incidents, the hacking of Munchables, a nonfungible token game based on the Blast network, stood out due to the magnitude of losses, which were initially estimated at $62 million. In a surprising twist, the hacker, who was later identified as one of the game's own developers, returned the funds without any demand for ransom. After this, Blast creator Pacman announced that $97 million in crypto assets taken in the incident had been secured by Blast core contributors.

The Prisma Finance hack also caught the attention of the crypto space when about $11 million in digital assets were stolen. The decentralized finance protocol quickly froze its platform to investigate, and shortly after, the hacker issued an on-chain message claiming the act was a "white hat rescue." Negotiations are ongoing, which could mean a potential recovery of the stolen funds.

PeckShield's report also shed some light on other major losses, including the Curio hack, where $40 million was estimated to be lost due to a breach in its MakerDAO-based smart contract on Ethereum. The NFPrompt platform and the WooFi decentralized exchange also suffered losses of about $10 million and $8.5 million, respectively.

Munchables Enlists Crypto Detective

Munchables recently announced a strategic move to ensure the safe return of user funds after its security breach. The hack, which resulted in a loss of about $63 million, was attributed to a North Korean developer known under the pseudonym “Werewolves0943.” This person managed to infiltrate the game’s security by impersonating four different developers on the team, leading to unauthorized access to private wallets.

In response to this incident, Munchables has taken a creative approach to not only recover the lost assets but also to fortify its security framework. One aspect of this recovery strategy includes the appointment of ZachXBT, a very well known blockchain sleuth, as one of the four custodians of a multi-signature (multi-sig) wallet. This wallet now holds the recovered funds, making sure there is a layer of collective decision-making in the management of these assets.

ZachXBT joins other custodians, namely Manifold Trading, Selini Capital, and Munchables itself, in this critical role. Additionally, the team announced plans to bring on Nethermind to audit all refreshed contracts before resuming operations.

The successful recovery of user assets has paved the way for direct refunds to the affected wallets. As part of its compensation plan, Munchables also teased enhanced game rewards for returning depositors, along with a re-release featuring NFT migration plans and additional features. Moreover, custodians and users who played a role in thwarting the attack have been promised rewards in the form of ETH and future MUNCH tokens.

ZachXBT’s temporary role as a signer in the multi-sig setup is a crucial step towards ensuring governance transparency and operational security. However, he has expressed his intention not to remain in this position long-term, expecting the Munchables team to announce any subsequent changes in signers.

Through collaborative efforts, security audits, and a transparent approach to governance, Munchables will now try to navigate its way back to normalcy.

Prisma Finance Faces Standoff with Hacker

Meanwhile, Prisma Finance found itself grappling with the aftermath of its own exploit that drained $11.6 million from its protocol. Despite efforts to manage the crisis, Prisma Finance revealed that about $540,000 of user funds are still at risk due to accounts that had yet to revoke a compromised smart contract. This contract, which was central to last week's exploit, involved two MigrateTroveZap contracts designed for migrating user positions, which inadvertently opened the door to the multimillion-dollar theft.

The incident, which unfolded on Mar. 28, led to a very sharp decline in Prisma Finance's total value locked (TVL), plummeting from about $220 million to $76 million. The firm, known for its decentralized borrowing protocol that allows users to manage loans through "troves" or Ethereum addresses, stated that the breach was isolated from its core operations.

Adding to the complexity of the situation is the stance of the self-proclaimed "white hat" hacker responsible for the exploit. The person has now set forth some demands including a public apology from Prisma Finance and a public conference where the team's identity has to be revealed. The person holds firm that the return of the stolen funds hinges on these conditions. The attacker also critiqued the firm for what he sees as a lack of good faith and accountability in auditing its smart contracts.

Prisma Finance no longer classifies the attack under white-hat status, arguing that a genuine actor in this role would have started the return of funds by now. The ongoing dispute has spilled over into on-chain messages. Meanwhile, security firms Cyvers and Peckshield reported that the exploiter began converting the stolen assets to Ethereum, with a portion being funneled into the controversial mixer, Tornado Cash.