Loopscale Hacker Negotiates Return of $5.8M in Stolen Funds After Solana DeFi Exploit
Talks Ongoing as Protocol Pushes for 20% Bounty Deal
The hacker responsible for stealing $5.8 million from Solana-based DeFi platform Loopscale is in negotiations to return the funds in exchange for a bounty reward, the protocol confirmed.
The attack, which took place on April 26, saw the thief siphon off around 5.7 million USDC and 1,200 SOL tokens from two of Loopscale’s yield vaults. Following the breach, Loopscale immediately paused its lending operations to contain further damage.
Hacker Seeks 20% Bounty for Returning Loot
In an unexpected move, the hacker sent a public message through Etherscan the following day, offering to return the stolen assets under a “white hat” agreement.
“We are agreeable to collaborating with you to reach a white hat agreement. However, we would like to negotiate the bounty percentage; our expectation is 20%,” the hacker wrote. To demonstrate goodwill, they pledged to immediately return 5,000 wSOL following their communication.
Negotiations remain ongoing, as messages exchanged on the blockchain platform suggest the final terms have not yet been reached.
A Costly Breach Amid a Troubled Sector
The Loopscale exploit impacted only its USDC and SOL vaults, amounting to roughly 12% of the platform’s total value locked (TVL), according to co-founder Mary Gooneratne.
The incident comes amid a broader pattern across the Web3 landscape, where only a fraction of the $1.6 billion stolen during the first quarter of 2025 has been recovered. Despite bounty incentives, many hackers have chosen to keep their illicit gains, making successful negotiations like this rare but crucial for DeFi protocols.
In response to the attack, Loopscale initially froze its operations but has since re-enabled loan repayments, top-ups, and loop closures, providing some relief to users. However, withdrawals from Vaults remain suspended as investigations continue.
Loopscale’s Brief Journey Before the Attack
Launched on April 10, Loopscale aimed to improve capital efficiency in decentralized finance by directly connecting lenders and borrowers. The protocol also introduced specialized markets for structured credit, receivables financing, and undercollateralized lending, signaling ambitious plans to carve out a niche in the increasingly crowded DeFi sector.
The attack less than three weeks after launch now tests the resilience of both the project and its community, as Loopscale works to rebuild trust and tighten security protocols in a high-risk environment.
Share This
