Hacker Steals $300K From Olympus DAO, Then Returns It All the Same Day

An apparent white hat hack saw OHM tokens drained and then returned to the DAO just hours later.

OlympusDAO. Image: Shutterstock

OlympusDAO is the latest target of a crypto cyberattack, as a thief made off with 30,000 OHM tokens—worth about $300,000—early this morning. But the attacker either had a change of heart or was a white hat hacker all along, as they returned the funds to the DAO hours later.

Community members were first alerted to the exploit early Friday morning on Discord.

“This morning, an exploit occurred through which the attacker was able to withdraw roughly 30K OHM ($300K) from the OHM bond contract at Bond Protocol,” the post read. “This bug was not found by three auditors, nor by our internal code review, nor reported via our Immunefi bug bounty.”

Olympus said that a phased rollout put a “limited amount of funds at risk,” and the amount stolen was a fraction of the potential $3.3 million bounty the attacker would have been able to claim on bug-hunting website Immunefi for reporting the exploit.

“We have closed the affected markets and all other funds are safe,” Olympus added. In the announcement, the DAO team said it was exploring the best way to fully compensate all affected bonders.

Just hours later, however, OlympusDAO updated the community with better news: all of the tokens had been returned by the attacker.

“Funds have been returned to the DAO wallet,” the update read. “We will communicate on the OHM bond payment and plan moving forward in the coming hours.”

Launched in May 2021, OlympusDAO is a decentralized reserve currency protocol based on the OHM token. OHM tokens are backed by a basket of assets (such as DAI and FRAX) held in the Olympus treasury.

Since January 2022, Olympus has offered a potential maximum $3.3 million bounty focused on Olympus smart contracts and applications to prevent the loss of DAO funds.

According to blockchain security firm PeckShield, the attack exploited a vulnerability in the BondFixedExpiryTeller smart contract. Smart contracts provide the code that powers autonomous decentralized apps.

“We need to clarify that these are NOT OlympusDAO contracts,” PeckShield tweeted. “Instead, the affected one was written by Bond Protocol, which was used for pilot launch of OHM bonds.”