Poly Network hacker appears ready to return stolen funds
Following a massive $600-million exploit of cross-chain protocol Poly Network, the Poly Network hacker has claimed his willingness to return the stolen cryptocurrency funds.
At about 4:00 am UTC on Wednesday, the hacker sent an Ethereum transaction to themselves, stating that they were “ready to return the fund” in an embedded transaction message.
In a subsequent message, the hacker asked for a multisig wallet address to return the funds to Poly Network. “Failed to contact the poly. I need a secured multisig wallet from you,” the hacker noted.
Poly Network’s Twitter account posted an update on Wednesday, providing three separate wallet addresses intended for the hacker to send the stolen funds back to the network. “We are preparing a multisig address controlled by known Poly addresses,” Poly Network noted in a message embedded to an Ethereum transaction to the hacker’s address.
Cross-chain developer project O3 Labs suggested that the person behind the Poly Network’s massive decentralized finance (DeFi) exploit could be a white hat hacker.
This hacker might yet be of the white hat variety. Let’s see. https://t.co/Y7jJykWSmS
— O3Labs (@O3_Labs) August 11, 2021Related: Possible ‘white hat hacker’ exploits THORChain for $8M, proposes 10% bounty
“It’s already a legend to win so much fortune. It will be an eternal legend to save the world. I made the decision, no more DAO,” another message from the hacker said.
The attacker subsequently started returning the stolen funds, sending back over $1 million in USD Coin (USDC) on the Polygon blockchain as of around 8:00 am UTC. Poly Network has since confirmed a receipt of funds, stating, “You are moving things to the right direction. We received 1+M USDC on Polygon. Did you ask us to encrypt the receiving addresses with your BookKeeper public key?”
According to data obtained by crypto journalist Colin Wu, the hacker also returned $2.65 million dollars worth of Shiba Inu (SHIB) and Fei.
Poly Network suffered a major exploit on Tuesday, which saw assets being removed from the Ethereum, Binance Chain and the Polygon network. At $600 million, the attack is the largest DeFi exploit to date.
The rising popularity of DeFi has made the sector an attractive target for hackers. According to an April report by crypto research company Messari, DeFi protocols have lost about $285 million to hacks and other exploits since 2019.
Disclaimer: This article was updated to reflect that the Poly Network hacker started returning the stolen funds.