Solana-based decentralized exchange Cypher confirmed an exploit on Monday, which resulted in an estimated loss of $1 million.

The team notified users that it had frozen the protocol’s smart contract in a tweet that also contained a message addressed to the exploiter.

“To the hacker: We are writing to see whether you would be open to speaking with us about any potential next steps,” stated Cypher. 

Blockchain security analysts at DeDotFi found that the wallet linked to the exploit had stolen 38,350 SOL and 123,184 USDC. The wallet in question transferred $30,000 to another address “kiing.sol” in the hours that followed, potentially with the goal of liquidating the stolen funds. 

Analysts at Web3 security firm Beosin found that the hacker’s wallet was funded from centralized crypto exchanges KuCoin and Binance.

Some users who were affected by the exploit took to creative methods to establish contact with the hacker, sending NFTs to the wallet associated with the exploit along with a message for the perpetrator.

“Seriously though, you used Binance and KuCoin to fund and to try and get 30k out. People will find you. Please do the right thing and give the rest back,” read one NFT.

Cypher is a derivatives exchange that has raised $2.1 million from some big names in the crypto venture space like Sino Global, SkyVision and Blockwall. Total Value Locked (TVL) rose sharply over the last month after liquidity incentivization measures prompted several new users to deposit their funds on the platform.