{"id":505280,"date":"2022-10-31T21:00:00","date_gmt":"2022-10-31T18:00:00","guid":{"rendered":"https:\/\/en.buradabiliyorum.com\/team-finance-hacker-returns-7m-to-associated-projects-after-exploit\/"},"modified":"2022-10-31T21:00:00","modified_gmt":"2022-10-31T18:00:00","slug":"team-finance-hacker-returns-7m-to-associated-projects-after-exploit","status":"publish","type":"post","link":"https:\/\/buradabiliyorum.com\/en\/team-finance-hacker-returns-7m-to-associated-projects-after-exploit\/","title":{"rendered":"# Team Finance hacker returns $7M to associated projects after exploit"},"content":{"rendered":"<div id=\"ez-toc-container\" class=\"ez-toc-v2_0_84 counter-hierarchy ez-toc-counter ez-toc-custom ez-toc-container-direction\">\n<p class=\"ez-toc-title\" style=\"cursor:inherit\">Table of Contents<\/p>\n<label for=\"ez-toc-cssicon-toggle-item-6a26ebc769bf9\" class=\"ez-toc-cssicon-toggle-label\"><span class=\"\"><span class=\"eztoc-hide\" style=\"display:none;\">Toggle<\/span><span class=\"ez-toc-icon-toggle-span\"><svg style=\"fill: #dd3333;color:#dd3333\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" class=\"list-377408\" width=\"20px\" height=\"20px\" viewBox=\"0 0 24 24\" fill=\"none\"><path d=\"M6 6H4v2h2V6zm14 0H8v2h12V6zM4 11h2v2H4v-2zm16 0H8v2h12v-2zM4 16h2v2H4v-2zm16 0H8v2h12v-2z\" fill=\"currentColor\"><\/path><\/svg><svg style=\"fill: #dd3333;color:#dd3333\" class=\"arrow-unsorted-368013\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"10px\" height=\"10px\" viewBox=\"0 0 24 24\" version=\"1.2\" baseProfile=\"tiny\"><path d=\"M18.2 9.3l-6.2-6.3-6.2 6.3c-.2.2-.3.4-.3.7s.1.5.3.7c.2.2.4.3.7.3h11c.3 0 .5-.1.7-.3.2-.2.3-.5.3-.7s-.1-.5-.3-.7zM5.8 14.7l6.2 6.3 6.2-6.3c.2-.2.3-.5.3-.7s-.1-.5-.3-.7c-.2-.2-.4-.3-.7-.3h-11c-.3 0-.5.1-.7.3-.2.2-.3.5-.3.7s.1.5.3.7z\"\/><\/svg><\/span><\/span><\/label><input type=\"checkbox\"  id=\"ez-toc-cssicon-toggle-item-6a26ebc769bf9\" checked aria-label=\"Toggle\" \/><nav><ul class='ez-toc-list ez-toc-list-level-1 ' ><li class='ez-toc-page-1 ez-toc-heading-level-1'><a class=\"ez-toc-link ez-toc-heading-1\" href=\"https:\/\/buradabiliyorum.com\/en\/team-finance-hacker-returns-7m-to-associated-projects-after-exploit\/#%E2%80%9D_Team_Finance_hacker_returns_7M_to_associated_projects_after_exploit_%E2%80%9C\" >&#8221; Team Finance hacker returns $7M to associated projects after exploit &#8220;<\/a><\/li><\/ul><\/nav><\/div>\n<h1><span class=\"ez-toc-section\" id=\"%E2%80%9D_Team_Finance_hacker_returns_7M_to_associated_projects_after_exploit_%E2%80%9C\"><\/span>&#8221; Team Finance hacker returns $7M to associated projects after exploit &#8220;<span class=\"ez-toc-section-end\"><\/span><\/h1>\n<p><img decoding=\"async\" src=\"https:\/\/images.cointelegraph.com\/images\/840_aHR0cHM6Ly9zMy5jb2ludGVsZWdyYXBoLmNvbS91cGxvYWRzLzIwMjItMTAvMjRkNzhmYzctYmYzYS00OTc4LWExOTgtZjExMTExZTdjMGRlLmpwZw==.jpg\" \/><\/p>\n<div class=\"post-content\" data-v-4b69a2fe>Four projects have received some $7 million worth of tokens from the hacker behind the $14.5 million Team Finance exploit on Oct. 27. Over the weekend, the attacker\u00a0<a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/etherscan.io\/idm-chat?addresses=0xBa399a2580785A2dEd740F5e30EC89Fb3E617e6E&amp;title=0xBa399a2580785A2dEd740F5e30EC89Fb3E617e6E\">confirmed<\/a> in a <a href=\"https:\/\/buradabiliyorum.com\/en\/category\/watch-movies-tv-seriess\/\" data-internallinksmanager029f6b8e52c=\"8\" title=\"Watch Movies &amp; TV Series\" target=\"_blank\" rel=\"noopener\">series<\/a> of messages that they would keep 10% of the stolen fund as a bounty and return the other tokens to the affected projects.<\/p>\n<p>The exploiter \u2014 a self-described \u201cwhitehat\u201d \u2014 drained assets from Team Finance through the Uniswap v2-to-v3 migration. As reported by Cointelegraph, liquidity from Uniswap v2 assets on Team Finance were transferred to an attacker-controlled v3 pair with skewed pricing, explained the blockchain security firm PeckShield. <\/p>\n<p>The stolen funds included USD Coin (USDC), CAW, TSUKA and KNDA tokens. Some of the affected tokens, such as CAW,\u00a0<a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/v2.info.uniswap.org\/token\/0xf3b9569f82b18aef890de263b84189bd33ebe452\">suffered<\/a> steep price declines due to the exploit and subsequent liquidity crunch.\u00a0<\/p>\n<p>On Oct. 30, Kondux, a nonfungible token (NFT) marketplace, announced it received 95% of the stolen funds, or 209 Ether (ETH), while Feg Token recovered 548 ETH. Tsuka\u2019s blockchain protocol also\u00a0<a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/twitter.com\/Dejitaru_Tsuka\/status\/1586839675293122561\">confirmed<\/a> receiving over $765,000 worth of the stablecoin Dai (DAI) and 11.8 million TSUKA. Caw Coin \u2014 the biggest victim of the exploit \u2014 received back $5 million worth of DAI and 74.6 billion of its native token, CAW.<\/p>\n<blockquote class=\"twitter-tweet\">\n<p lang=\"en\" dir=\"ltr\">We&#8217;re thrilled to announce we have received 95% of the exploited ETH back!<\/p>\n<p>Please bear with us in the coming 48 hours \u23f3 as we await the <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/twitter.com\/search?q=%24KNDX&amp;src=ctag&amp;ref_src=twsrc%5Etfw\">$KNDX<\/a> to return so we can plan our next move forward. \u23e9 <\/p>\n<p>Massive thanks to the community for their unwavering support <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/twitter.com\/search?q=%24FEG&amp;src=ctag&amp;ref_src=twsrc%5Etfw\">$FEG<\/a> <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/twitter.com\/search?q=%24CAW&amp;src=ctag&amp;ref_src=twsrc%5Etfw\">$CAW<\/a> <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/twitter.com\/search?q=%24TSUKA&amp;src=ctag&amp;ref_src=twsrc%5Etfw\">$TSUKA<\/a><\/p>\n<p>\u2014 Kondux (@Kondux_KNDX) <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/twitter.com\/Kondux_KNDX\/status\/1586858508258971649?ref_src=twsrc%5Etfw\">October 30, 2022<\/a><\/p><\/blockquote>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><br \/>\nOn <a href=\"https:\/\/buradabiliyorum.com\/en\/category\/social-mediaa\/\" data-internallinksmanager029f6b8e52c=\"1\" title=\"Social Media\" target=\"_blank\" rel=\"noopener\">Twitter<\/a>, the protocol urged the hacker to get in contact for a bounty payment. According to Team Finance, its smart contract had been previously audited, and developers had temporarily halted all activity on the protocol. The company was founded in 2020 by TrustSwap, which provides token liquidity locking and vesting services to project executives. The protocol claimed to have $3 billion secured across 12 blockchains.<\/p>\n<p>The exploit followed the\u00a0Mango Markets attack on Oct. 11, when a hacker manipulated the value of the platform\u2019s native token, MNGO, to achieve higher prices. The attacker then took out significant loans against the inflated collateral, draining Mango\u2019s treasury.<\/p>\n<p>After a proposal on Mango\u2019s governance forum was <a href=\"https:\/\/buradabiliyorum.com\/en\/category\/download-scripts-themes-apps\/\" data-internallinksmanager029f6b8e52c=\"9\" title=\"Download Scripts &amp; Themes &amp; Apps\" target=\"_blank\" rel=\"noopener\">app<\/a>roved, the hacker was\u00a0allowed to keep $47 million as a \u201cbug bounty,\u201d while $67 million was sent back to the treasury.<\/p>\n<p><template data-name=\"subscription_form\" data-type=\"defi_newsletter\"><\/template><\/div>\n<blockquote><p><strong><span style=\"color: #ff6600;\">If you liked the article, do not forget to share it with your friends. Follow us on\u00a0<span style=\"color: #ff0000;\"><a style=\"color: #ff0000;\" href=\"https:\/\/news.google.com\/publications\/CAAqBwgKMLG0nwswvr63Aw\" target=\"_blank\" rel=\"nofollow noopener noreferrer\">Google News<\/a><\/span>\u00a0too, click on the star and choose us from your favorites.<\/span><\/strong><\/p><\/blockquote>\n<blockquote>\n<p style=\"text-align: center;\">For forums sites go to <span style=\"color: #ff9900;\"><a style=\"color: #ff9900;\" href=\"https:\/\/forum.buradabiliyorum.com\/\" target=\"_blank\" rel=\"noopener\">Forum.BuradaBiliyorum.Com<\/a><\/span><\/strong>\n<\/p><\/blockquote>\n<blockquote>\n<p style=\"text-align: center;\"><strong>If you want to read more <a href=\"https:\/\/buradabiliyorum.com\/en\/category\/news\/\" data-internallinksmanager029f6b8e52c=\"2\" title=\"News\" target=\"_blank\" rel=\"noopener\">News<\/a> articles, you can visit our <span style=\"color: #ff9900;\"><a style=\"color: #ff9900;\" href=\"https:\/\/en.buradabiliyorum.com\/general\/\" target=\"_blank\" rel=\"noopener\">General category.<\/a><\/span><\/strong><\/p>\n<\/blockquote>\n<p><span style=\"color: black;\"><a style=\"color: #ff9900;\" href=\"https:\/\/cointelegraph.com\/news\/team-finance-hacker-returns-7m-to-associated-projects-after-exploit\" target=\"_blank\" rel=\"noopener\">Source<\/a><\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>&#8221; Team Finance hacker returns $7M to associated projects after exploit &#8220; Four projects have received some $7 million worth of tokens from the hacker behind the $14.5 million Team Finance exploit on Oct. 27. Over the weekend, the attacker\u00a0confirmed in a series of messages that they would keep 10% of the stolen fund as&#8230;<\/p>\n","protected":false},"author":1,"featured_media":505281,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/images.cointelegraph.com\/images\/1200_aHR0cHM6Ly9zMy5jb2ludGVsZWdyYXBoLmNvbS91cGxvYWRzLzIwMjItMTAvMjRkNzhmYzctYmYzYS00OTc4LWExOTgtZjExMTExZTdjMGRlLmpwZw==.jpg","fifu_image_alt":"","footnotes":""},"categories":[1],"tags":[74867,74868,74882,82350,70944],"class_list":["post-505280","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-general","tag-altcoin","tag-defi","tag-hacks","tag-usd-coin","tag-hackers"],"_links":{"self":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts\/505280","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/comments?post=505280"}],"version-history":[{"count":0,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts\/505280\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/media\/505281"}],"wp:attachment":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/media?parent=505280"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/categories?post=505280"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/tags?post=505280"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}