A hacker has returned over $26,2 million worth of Ethereum to CoinDash, the company it obtained the funds from in July 2017.

The money was sent back in two tranches. The hacker sent the first one in September last year when he returned 10,000 ETH ($8.7 million) and a second round last Friday when he returned another 20,000 ETH ($17.45 million).

The hacker did not return all funds, though, keeping over 13,400 ETH ($11.7 million) from the 43,400 ETH ($37.9 million) CoinDash believes the hacker stole.

Hack took place last year

The hack took place on July 17, 2017, three minutes after CoinDash launched its ICO, a funding round meant to raise Ethereum funds for CoinDash's main product, a social trading platform.

The hacker hijacked the company's official website and replaced the Ethereum address at which users could send money to buy CoinDash tokens for the official CoinDash ICO.

The company admitted its blunder and in the end awarded CoinDash tokens to everyone who sent money to the hacker's address during the hack. At the time, the stolen funds were worth only $7.8 million.

Nobody knows why the hacker returned the funds

It is unclear what drove the hacker to return part of the stolen funds. Some argue that even after returning almost three-quarters of the stolen funds, the rest of the stolen Ethereum is still worth more than the stolen funds at the time they were stolen.

Some experts argued that the hacker has made a mistake by not laundering the stolen Ethereum right after the hack, and he is now unable to move the funds because most cryptocurrency trading platforms have blacklisted his address —now universally tracked under the codename of "FAKE_CoinDash"— and no exchange will help the hacker convert his funds into fiat or another cryptocurrency fearing a legal action.

Because this is the world of cryptocurrency, there are also plenty of wild theories. There are also those who believe the hack was an inside job, and the "hacker" conveniently returned the funds after the SEC started cracking down on ICO scams, and US authorities sentenced a Bitcoin exchange admin for lying about the circumstances of a hack.

Others think it's a media stunt meant to attract attention to CoinDash, who's launching a product in a few days. Either way, the money is irrevocably and without a doubt back in CoinDash's possession. Judging that all users tricked into sending money to the hacker's address got CoinDash tokens regardless, this was one of 2017's least damaging incidents, at least for users. CoinDash said it's still working with Israel's Counter Cyber Terrorist Unit to track down the hacker.