Rho Markets attacker offers to return funds, says incident not a hack

Blockchain detective ZachXBT says the attacker who withdrew funds from Scroll-powered lending protocol Rho Markets is willing to return all the money.

Specifically, the attacker wrote an on-chain message promising to return all funds and claimed that their funds were not an exploit or hack. In a post after the incident, blockchain researcher ZachXBT noted that the attacker appeared to be wearing a gray or white hat and that the funds could be recovered. ZachXBT noted that the exploiter had a lot of visibility on centralized exchanges.

Soon after, the attacker contacted Rho via an on-chain message.

The message included the following statements:

“Our MEV bot profited from a configuration error in Rho Markets’ price prophecy. We understand that these funds belong to users and we are ready to return them in full. However, we would like to first accept that this is not an exploit or a hack, but a configuration error on your part. Also, please let us know what measures you will take to prevent such incidents in the future,” they wrote.

Rho Markets pauses platform following investigation

Earlier on Monday, blockchain security firm Cyvers Alerts reported that Rho Markets had suffered an attack that affected the protocol’s USDC and USDT pools.

The attacker managed to transfer $7.6 million worth of user funds after the incident, and these funds were kept on various chains.

Ethereum Layer 2 protocols Rho and Scroll confirmed the attack, noting that there was “unusual activity.” The Rho Markets team announced a pause on the network while they begin their investigation.

“Platform functionality will be reactivated once everything returns to normal. Thank you for your understanding and patience,” Rho Markets wrote.