A few days ago, a hacker stole $25 million from DeFi protocol, dForce. However, the hacker has returned all of the funds. Despite the lack of any explanation regarding the decision to return the stolen funds, it could be due to the hacker’s failure to thoroughly cover up his tracks.

It seems the hacker is trying to avoid further investigation. Metadata linking to the hacker offers much data regarding the hacker’s likely identity. He used only a VPN and not a decentralized network. Hence, this revealed the IP address linking the three exchange interactions.

It was discovered that the hacker used a Mac; the screen resolution and system language setting are also known. They are already investigating the attack; hence, people think that the hacker returned the funds for leniency.

In the words of Haseeb Qureshi of Dragonfly Capital, this is the “most dramatic bug bounty.” The theft is not a good one for dForce as it just received $1.5 million in seed funding led by Multicoin Capital some days before the attack.

According to some people, the attacker was not really much of a hacker. This is because the attacker only utilized an exploit in the protocol which permitted the draining of the contract. It is a situation that could have been easily avoided.

The DeFi domain has been growing tremendously since the previous year, at its peak holding more than $1 billion in locked funds. Nevertheless, in recent times, there have been negative situations, with several thefts in the domain.

Two months ago, about $1 million was stolen from the bZx protocol. The bZx team decided to suspend the network and many people criticized the centralization. Following the attacks, there was a decline in the number of assets held in DeFi-related smart contracts in March. The domain has called for improved security.