The attacker behind a $5.8 million exploit of Solana-based protocol Loopscale has agreed to return the stolen money in exchange for a 10% bounty.
The news came after the platform was hacked on April 26 when an exploit affected the platform’s pricing system, causing a loss of roughly $5.7 million worth of USDC and 1,200 SOL from its vaults.
The platform gave the hacker an offer and a grace period until April 28 at 6 AM EST to reply. The hacker appears to have agreed to the deal, expressing a willingness to return the stolen funds and claim the bounty.
The hack was caused by manipulating Loopscale’s RateX PT token price, which made up about 12% of all the funds on the platform, greatly affecting the depositors in the affected vaults.
Loopscale proposed a whitehat contract to the exploiter
Following the attack, Loopscale admitted that the hacker had discovered a weakness in the company’s pricing structure in a message sent to the exploiter’s address.
To solve this, the company proposed giving the exploiter a whitehat contract to return 90% of the stolen funds worth 35,527 SOL.
As soon as they received the transfer, the platform promised to release the exploiter from all liability related to the attack and let the exploiter keep a bounty of 10% of the money, worth 3,947 SOL.
Since the exploiter expressed interest in accepting the offer, the Loopscale team stated that it would provide a comprehensive post-mortem in the coming days.
The number of exploits towards blockchain firms has been on the rise. In the first quarter of 2025, hackers stole over $1.6 billion worth of crypto from exchanges and on-chain smart contracts, blockchain security firm PeckShield said in an April report.
Over 90% of those losses are attributable to the $1.5 billion ByBit attack by the North Korean hacking outfit Lazarus Group.
The intrusion of Loopscale’s system caused huge losses
Loopscale was hacked on Saturday, roughly two weeks after its launch on April 10. The attacker used a series of undercollateralized loans to drain about 5.7 million USDC and 1,200 SOL.
Concerning the attack, Loopscale claimed that a weakness in the pricing of RateX-based collateral was the root cause of the exploit.
As a result, the company took some precautions to ensure the safety of its customers. The team temporarily disabled loan repayments, withdrawals, and other features due to the breach in order to stop additional losses.
While some features, such as loop closures, top-ups, and repayments, had since been restored, vault withdrawals and new deposits were still prohibited.
The attack resulted in significant losses. To illustrate, the exploit affected roughly 12% of Loopscale’s total value locked, which had risen to about $40 million before the incident.
As reported on X, the team was investigating the exploit’s circumstances, the perpetrator, and the best course of action for potential fund recovery.
Loopscale was established to develop an alternative lending model to more conventional pool-based platforms such as Aave or Solend. It uses an order book system to match lenders and borrowers rather than pool liquidity directly.
Loopscale previously raised $4.25 million in 2021 from backers, including Solana Labs and Coinbase Ventures. At the time, the project operated under the name Bridgesplit and initially focused on developing an NFT-based yield product.
In addition to facilitating specialized lending strategies like structured credit and receivables financing, the platform supports more than 40 token pairs. While the SOL vault provided yields exceeding 10%, its USDC vault offered more than 5% APR. Approximately 7,000 lenders had signed up for the platform prior to the hack.
Cryptopolitan Academy: Want to grow your money in 2025? Learn how to do it with DeFi in our upcoming webclass. Save Your Spot
