A whitehat hacker returned approximately $190,000 to the Renegade.fi protocol just hours after exploiting its Arbitrum-based decentralized dark pool. The hacker injected malicious logic into a faulty function tied to the V1 Arbitrum dark pool, stealing 27 ERC-20 tokens.
The return of funds came after blockchain analytics platform Blockaid flagged the $209,000 exploit on Sunday. The whitehat sent back more than 90% of the stolen funds within 45 minutes, following Renegade's onchain instruction to keep 10% as a bounty.
The returned funds included $84,370 in USDC, $27,885 in wrapped Bitcoin, and $23,950 in wrapped Ether. The hacker said the action was taken to protect DeFi users, adding that the exploited vulnerability was "tooooo simple and bad."
Renegade said the exploit resulted from deployment code failing to assign an explicit owner and a faulty migration in an April 2025 software update, enabling anyone to rewrite the smart contract. The protocol plans to fully compensate affected users and will publish a post-mortem with a root-cause analysis.
