Harvest Finance

Harvest Finance, headquartered in the United States, operated as a decentralized finance service. On October 26, 2020, a hacker exploited a cryptographic vulnerability within its system to steal approximately $24 million in cryptocurrency assets. The stolen funds comprised $13 million in USD Coin and $11 million in Tether. Following the theft, the attacker briefly returned $2.5 million to the platform for reasons that remained unclear. This incident represented a significant security breach for the DeFi service, directly impacting user assets held on the platform.

In the aftermath, Harvest Finance administrators acknowledged that an engineering error had enabled the exploit. They issued a public appeal for the return of the stolen funds, explicitly promising no retaliation against the perpetrator. To incentivize recovery, the platform initiated a bounty program offering an initial reward of $400,000, with the amount structured to decrease over time. Harvest Finance also stated that it had gathered significant identifiable information about the hacker. Despite possessing this data, the platform emphasized a commitment to privacy and actively discouraged any public efforts to expose the individual. Instead, Harvest Finance urged the community and stakeholders to concentrate all efforts on the recovery of user assets, framing this as the primary objective following the security incident.