Share

Hacker Behind Crypto Lender Loopscale’s $5.7M Exploit Agrees to Return Funds

Initially, the hacker demanded a higher bounty but returned 5,000 SOL (worth $750,000) as a gesture. 
Ephraim Emmanuel
Last updated:
28 April 2025 @ 13:43 UTC
Why Trust CTW

CTW is a fresh voice in the world of cryptocurrency, offering clear and insightful coverage of the ever-evolving digital asset landscape. Backed by a team of passionate writers and crypto enthusiasts, we dive deep into market trends, emerging technologies, and innovative blockchain projects. We hope to become your go-to source for up-to-date information in this fast-paced industry.

Loopscale

Share

The hacker behind crypto lender Loopscale’s $5.7 million heist has agreed to return the stolen funds for a 10% bounty. This resolution highlights a growing trend of negotiating with hackers to recover losses in the volatile world of decentralized finance.

Hacker Returns 90%, Keeps 10%

On April 26, 2025, Loopscale, a Solana-based lending platform that launched just two weeks earlier, suffered a major security breach. A hacker exploited a flaw in the platform’s collateral pricing system, draining 5.7 million USDC and 1,200 SOL, roughly 12% of Loopscale’s total value. The attack targeted the platform’s USDC and SOL vaults, forcing Loopscale to halt lending markets and freeze vault withdrawals to prevent further losses. 

Co-founder Mary Gooneratne announced the team’s immediate investigation, working with security experts to trace the funds. Loopscale offered the hacker a whitehat agreement, promising a 10% bounty of about $570,000 and no legal action if the funds were returned by April 28. Initially, the hacker demanded a higher bounty but returned 5,000 SOL (worth $750,000) as a gesture. 

Loopscale confirmed today that the hacker has kept the agreement to return the remaining funds for the 10% bounty, with negotiations ongoing to finalize the transfer. The platform is preparing a detailed post-mortem to address the pricing vulnerability and enhance security.

A Growing Trend

This case reflects a growing strategy in crypto bounty offerings to recover stolen funds. As hacks surge, with $1.6 billion lost in Q1 2025 alone, bounties are becoming a practical tool. They tend to incentivize hackers to return funds without lengthy legal battles, benefiting platforms and users. Loopscale’s approach mirrors recent incidents, like the $572,000 SIR. trading theft and the $7 million KiloEx hack, where platforms negotiated similar deals. 

The recent $5 million exploit involving ZKSync has resulted in a partial recovery of funds through the implementation of bounties. While this approach is subject to debate, it highlights a significant trend within the crypto industry towards more pragmatic solutions in response to increasing security challenges. The case of Loopscale may establish a notable precedent, encouraging platforms to prioritize recovery efforts rather than engage in confrontation. 

As Loopscale works to restore operations, the crypto community awaits its full report. With vault withdrawals still frozen, the successful return of funds could rebuild trust and highlight bounties as a viable response to the persistent threat of DeFi exploits.

Ephraim Emmanuel

Enter your email for our Free Daily Newsletter.

Newsletter Subscribers (Home Footer}