Indexed Finance Attacker Refuses to Return Stolen $16M, Team Approaching Authorities

Share Article
In Brief
  • The Indexed Finance team identified the attacker and gave him multiple chances to return the funds.

  • The attacker has refused, forcing the team to take the matter to law enforcement.

  • Indexed Finance is working on a compensation plan to reimburse victims.

  • promo

    Claim a $200 reward with 3 simple steps — only on Bybit!

The Trust Project is an international consortium of news organizations building standards of transparency.

The hacker who stole $16 million from Indexed Finance DeFi pools last week is refusing to return the funds. The team, which has identified the attacker, will now contact law enforcement.



DeFi protocol Indexed Finance has released an update on the hack that it experienced last week, which saw the attacker steal $16 million in the form of various tokens. Dillon Kellar, the lead developer at Indexed Finance, tweeted that the attacker has refused to return the funds, forcing the team to escalate the situation to law enforcement.

Kellar said that “despite the white supremacy and antisemitism” and giving the attacker “an easy way out of ruining his life,” the attacker has chosen to keep the stolen funds. Indexed Finance has seemingly identified the attacker and had given him multiple opportunities to return the funds, with a 10% bounty as an offering.



But the attacker wants to take the matter to the legal system if necessary, going by the defense of “code is law.” Indexed Finance provided a detailed analysis proving the identity of the attacker, who had contacted the team a few weeks ago about the development of an arbitrage bot. The attacker is a master’s student with knowledge of mathematics, and deleted chat logs indicate that Indexed Finance was correct in its identification.

The attacker exploited two index pools on the protocol, taking advantage of the rebalancing mechanism, allowing him to mint additional DEFI5 at an inflated valuation. The end result was that several different assets were stolen. Indexed Finance is working on a way to reimburse users as it simultaneously addresses the vulnerability.

DeFi protocols continue as target for attackers

Decentralized finance (DeFi) protocols have proven to be a bit of a double-edged sword in the market. While they are at the cutting edge of blockchain technology, their novelty and attractiveness have made them the target of sophisticated attacks. These protocols tend to pull in many new investors who are seeking the next Aave or Yearn.Finance, and the end result is a prime target for hackers.

Consequently, teams are now putting a large part of their focus on securing their protocols before release and still emphasizing that protocols could be subject to attacks. Flash loans remain a big concern — major lending platform Cream Finance lost $25 million in August 2021. Such incidents happen frequently and are thorns in the DeFi market’s side.

Another proposed solution is insurance protocols, which cover damages that may occur during these attacks. DeFi is now seen as the new wild west in crypto, and crypto insurance projects are hoping that it can bring some law and order to the space.


All the information contained on our website is published in good faith and for general information purposes only. Any action the reader takes upon the information found on our website is strictly at their own risk.
Share Article

Rahul's cryptocurrency journey first began in 2014. With a postgraduate degree in finance, he was among the few that first recognized the sheer untapped potential of decentralized technologies. Since then, he has guided a number of startups to navigate the complex digital marketing and media outreach landscapes. His work has even influenced distinguished cryptocurrency exchanges and DeFi platforms worth millions of dollars.

Follow Author

$200 reward waiting for you — Deposit, Trade, Follow and Claim today!


Limited offer! Learn to mine and trade crypto today for free