I would side with Cryptobridge on this, the Azart devs probably didn't even read the listing guidelines:
Per our listing policy and terms of service, we require projects to reimburse the gateway with the sum created in such exploit to ensure users are able to withdraw their assets.
worth reading their version:
https://crypto-bridge.org/2019/02/05/azart-update/