White hat helps recover $1.8M after $2.3M Foom Cash exploit

By Cointelegraph by Zoltan Vardai · Published March 2, 2026 · 3 min read · Source: CoinTelegraph

Written by Zoltan Vardai,Staff Writer

Reviewed by Bryan O'Shea,Staff Editor

White hat helps recover $1.8M after $2.3M Foom Cash exploit

21 minutes ago

Foom Cash lost $2.26 million in an exploit tied to a Groth16 verifier misconfiguration, but a white hat recovered $1.84 million of the funds.

White hat helps recover $1.8M after $2.3M Foom Cash exploit — News

Cointelegraph in your social feed

Subscribe on Subscribe on

A white hat hacker helped Foom Cash recover most of the funds stolen in a $2.26 million exploit, underscoring the growing role of ethical hackers in Web3 incident response.

Foom Cash, a decentralized, anonymous lottery protocol based on zero-knowledge proofs, was exploited for $2.26 million in funds.

The intervention of an ethical hacker helped the protocol recover $1.84 million, or 81% of the stolen funds, Foom Cash announced on Monday.

Pseudonymous white hat hacker Duha identified the vulnerability and secured funds on Base before malicious actors could exploit them, while Decurity handled recovery efforts on Ethereum, the protocol said in a Monday post on X.

Foom Cash awarded the white hat hacker a $320,000 bounty, while crypto security platform Decurity was awarded a $100,000 security fee.

”By honoring their bug bounty policy, @foomclub_ has proven that they take protocol security seriously and value the researchers helping them,” wrote white hat hacker Duha, in response to the incident.

”Fatal deployment oversight” led to $2.2 million exploit

The $2.26 million exploit stemmed from a “fatal” deployment error involving a missing command-line interface (CLI) step during the Phase 2 trusted setup process.

”In Groth16, if you skip the circuit-specific contribution setup in snarkjs, the parameters γ (gamma) and δ (delta) remain set to the same default value (the G2 generator),” wrote Foom in a Monday X response.

This deployment error enabled the attacker to trick the protocol into ”accepting forged proofs because a placeholder was never randomized.”

White hat hackers to the rescue

White hat interventions have become an increasingly common feature of DeFi incident response, particularly as exploiters move quickly to bridge funds across chains or into privacy tools.

In August 2023, white hat hacker and Paradigm researcher Samczsun established a team of ethical hackers known as SEAL (Security Alliance), surpassing 900 hack-related investigations within their first year, Cointelegraph reported.

The initiative came nearly a month after a hacker stole over $230 million from WazirX, an Indian cryptocurrency exchange, in the second-largest cryptocurrency hack of 2024.

*SEAL Whitehat Safe Harbor Agreement. Source: Security Alliance*

On Feb. 10, 2026, the Ethereum Foundation partnered with SEAL to create a ”Trillion Dollar Security” initiative to combat crypto wallet drainers.

Magazine: Inside a 30,000 phone bot farm stealing crypto airdrops from real users

Cointelegraph is committed to independent, transparent journalism. This news article is produced in accordance with Cointelegraph’s Editorial Policy and aims to provide accurate and timely information. Readers are encouraged to verify information independently. Read our Editorial Policy https://cointelegraph.com/editorial-policy

This article was originally published on CoinTelegraph and is republished here under RSS syndication for informational purposes. All rights and intellectual property remain with the original author. If you are the author and wish to have this article removed, please contact us at [email protected].