Blockchain sleuth ZachXBT says the attacker who took funds from Scroll-supported lending protocol Rho Markets is willing to return all funds.
The attacker has written an on-chain message committing to returning all funds, claiming theirs wasn’t an exploit or hack. Blockchain investigator ZachXBT noted that the attacker appeared to be a grey or white hat and that the funds could be recovered. The exploiter has exposure on centralized exchanges, ZachXBT noted.
Not long after, the attacker communicated with Rho via an on-chain message.
The message read:
“Our MEV bot has profited from a configuration error in Rho Markets’ price oracle. We understand these funds belong to users and are willing to return them in full. However, we first want you to acknowledge that this was not an exploit or hack but a configuration mistake on your part. Additionally, please inform us of the measures you will take to prevent such incidents in the future,” they wrote.
Rho Markets pauses platform amid investigation
Earlier on Monday, blockchain security firm Cyvers Alerts noted that Rho Markets had suffered an attack impacting the protocol’s USDC and USDT pools.
From the incident, the attacker managed to move $7.6 million in user funds, holding them on several chains.
Rho and Scroll, an Ethereum Layer 2 protocol, confirmed the attack, noting “unusual activity.” As investigations commenced, the Rho Markets team announced a pause to the network.
“The platform functions will be enabled again once everything returns to normal. Thank you for your understanding and patience,” Rho Markets wrote.