ZachXBT: Prisma attackers are suspected of multiple attacks and have obtained their personal information

ChainCatcher news, on-chain detective ZachXBT released an investigation into the alleged $11.1 million Prisma vulnerability exploiter 0x77 (Trung) and the multiple vulnerabilities involved. On March 28, 2024, the Prisma team observed a series of transactions on the MigrateTroveZap contract that resulted in the loss of 3,257 ETH (approximately $11.1 million).

Initially, the attacker communicated with the Prisma deployer, claiming it was a white hat attack. However, later the same day, all funds were transferred to Tornado Cash, contradicting previous statements. Exploiters began making exorbitant demands and claimed $3.8 million (34%) of the white hat bounty. This amount is well above the industry standard of 10%, essentially extorting the team as the vault does not have enough assets to compensate users.

Through on-chain tracking, PrismaFi exploiter 0x77 was involved in the Arcade vulnerability exploit in March 2023 and the vulnerability in the Pine protocol starting in February 2024. In addition, the address of the exploiter was connected to the deployer address of Modulus Protocol. 0x77 is one of the few followers of the project, strengthening the connection between each event. The alleged scammer's phone number, email and other details were further analyzed. As you can see from their posts on X, they have a strong technical background. All personal details have now been sorted out and the Prisma team are pursuing all possible legal avenues in Vietnam and Australia. ZachXBT urges the scammer to return the funds as soon as possible to avoid further deterioration and save everyone time.