Poly Network offers to on board 'Mr. White Hat' as chief security advisor

Published at: Aug. 17, 2021

Decentralized finance protocol Poly Network has offered the person behind a $610 million hack an advisery position and $500,000 — whether they like it or not. 

In a Tuesday update, the Poly Network team said, in a seeming attempt to gain access to the hacker’s expertise, that it would be inviting them to the position of chief security adviser. In addition, the project will be sending a $500,000 bounty for the attacker, whom Poly dubbed "Mr. White Hat," despite the fact they have previously refused any payment.

“Poly Network has no intention of holding Mr. White Hat legally responsible, as we are confident that Mr. White Hat will promptly return full control of the assets to Poly Network and its users,” said the team. “As we have stated in previous announcements and encrypted messages that have been made public, we are grateful for Mr. White Hat’s outstanding contribution to Poly Network’s security enhancements.”

The hack was reported on Aug. 10, when analysts noted that roughly $610 million had been removed from the Polygon network, the Binance Smart Chain and Ethereum. The hacker subsequently communicated with the Poly Network team and others through embedded messages in Ethereum transactions, agreeing to return the funds. Poly Network said it determined that the attack constituted “white hat behavior” and offered Mr. White Hat a $500,000 bounty.

The Poly Network team said it was “counting on more experts like Mr. White Hat to be involved” in the future development of the project, “since we believe that we share the vision to build a secure and robust distributed system.” The hacker returned all the funds with the exception of $33 million in frozen Tether (USDT), but has not yet turned over the key to the multisig wallet Poly set up for the transfer.

It’s a somewhat surprising turn for the individual responsible for the largest hack in decentralized finance, or DeFi, to be offered a reward and a — presumably — paid position at the company which was the target of their attack. Though the hacker’s identity has yet to be made public, Chinese cybersecurity firm SlowMist posted an update shortly after news of the hack broke, saying its analysts had identified the attacker's email address, IP address and device fingerprint.

“We are grateful for Mr. White Hat’s outstanding contribution to Poly Network’s security enhancements,” said the Poly Network. “While there were certain misunderstandings in the beginning due to poor communication channels, we now understand Mr. White Hat’s vision for Defi and the crypto world, which is in line with Poly Network’s ambitions from the very beginning.”

Related: Poly Network hack exposes DeFi flaws, but community comes to the rescue

With the exception of thousands of users being temporarily unable to access their funds, the events of the last week seem to have had a net result of additional media attention over the Poly Network. Data from Google shows interest in the DeFi project reached an all-time high on Wednesday and is still well above what it had been since Poly launched last year.

Tags
Related Posts
DeFi attacks are on the rise — Will the industry be able to stem the tide?
The decentralized finance (DeFi) industry has lost over a billion dollars to hackers in the past couple of months, and the situation seems to be spiraling out of control. According to the latest statistics, approximately $1.6 billion in cryptocurrencies was stolen from DeFi platforms in the first quarter of 2022. Furthermore, over 90% of all pilfered crypto is from hacked DeFi protocols. These figures highlight a dire situation that is likely to persist over the long term if ignored. Why hackers prefer DeFi platforms In recent years, hackers have ramped up operations targeting DeFi systems. One primary reason as to …
Adoption / May 14, 2022
Top 7 cybersecurity jobs in high demand
In today’s digital age, cybersecurity has become a critical aspect of almost every business. Cyber threats are increasing daily, and businesses must take proactive measures to protect their networks and data. As a result, the demand for cybersecurity professionals has skyrocketed. Little Friday humour #meme #cybersecurity @hackurityio pic.twitter.com/MArEpCh03k — Harold De Vries (@devries_harold) February 17, 2023 In this article, we will discuss the top seven cybersecurity jobs that are in high demand. Cybersecurity analyst A cybersecurity analyst is responsible for identifying and mitigating cyber threats to an organization’s network and data. They examine system logs and network traffic to find …
Technology / Feb. 26, 2023
Crypto app targeting SharkBot malware resurfaces on Google app store
A newly upgraded version of a banking and crypto app targeting malware has recently resurfaced on the Google Play store, now with the capability to steal cookies from account logins and bypass fingerprint or authentication requirements. A warning about the new version of the malware was shared by malware analyst Alberto Segura and treat intelligence analyst Mike Stokkel on Twitter accounts on Sept. 2, sharing their co-authored article on Fox IT’s blog. We discovered a new version of #SharkbotDropper in Google Play used to download and install #Sharkbot! The found droppers were used in a campaign targeting UK and IT! …
Blockchain / Sept. 5, 2022
Developers need to stop crypto hackers — or face regulation in 2023
Third-party data breaches have exploded. The problem? Companies, including cryptocurrency exchanges, don’t know how to protect against them. When exchanges sign new vendors, most just innately expect that their vendors employ the same level of scrutiny as they do. Others don’t consider it at all. In today’s age, it isn’t just a good practice to test for vulnerabilities down the supply chain — it is absolutely necessary. Many exchanges are backed by international financiers and those new to financial technologies. Many are even new to technology altogether, instead backed by venture capitalists looking to get their feet wet in a …
Bitcoin Regulation / Nov. 3, 2022
Coinbase discloses recent cyberattack targeting employees
Crypto exchange Coinbase experienced a cybersecurity attack targeting its employees on Feb. 5. The attack came through SMS scams and involved impersonations of IT staff, according to a recent report from the company's engineering team. No customers' funds or information were impacted, the firm said. As per the report, on a late Sunday several Coinbase employees received SMS messages requiring them to urgently log in via the link provided to access an important message. Acting in a good faith, one employee followed the exploiter' instructions: "While the majority ignore this unprompted message - one employee, believing that it’s an important …
Technology / Feb. 22, 2023