Decentralized finance (DeFi) lending protocol Harvest Finance has been exploited by a hacker who drained $24 million from its pools, and then mysteriously returned $2.5 million to the protocol. Harvest finance has put a $100,000 on the first person or team to reach out to the attacker.

Harvest Finance is a DeFi yield farming protocol that collects yields from different lending protocols and optimizes the earnings of its depositors by choosing the best rates. The attacker used a flash loans to take advantage of its pools and drain the $24 million from it.

Flash loans are uncollateralized loans, possible through complex transactions that both take out the loan and repay it in the same transaction. To drain the protocol, the attacker manipulated prices on the Curve Y pool to drain stablecoins from Harvest Finance. The attacker then converted the tokens into renBTC, a bitcoin-backed token used on Ethereum, to then move the funds to bitcoin.

On social media, the anonymous developers behind the DeFi protocol provided bitcoin addresses associated with the attacker, and claimed that there is a “significant amount of personally identifiable information on the attacker,” who they claim is “well-known in the crypto community.”

The protocol’s operators added they are not interested in revealing the attackers’ identity. Address them directly, they said “your skill and ingenuity is respected, just return the funds to the users.”

In a separate tweet, the developers behind Harvest finance asked several cryptocurrency exchanges, including Binance, Coinbase, OKEx, and Huobi, to block bitcoin addresses associated with the attacker.

Harvest Finance, it’s worth noting, was launched back in August and had over $1 billion in total assets locked before the exploit. Since then, the value dropped to little over $500 million before its page on DeFiPulse started serving a “500 internal server error.”

The price of Harvest finance’s native token, FARM, dropped by over 50% in the last 24-hour period.

Featured image via Pixabay.