Poly Network hacker returns $258M, conducts AMA on how it went down

Published at: Aug. 12, 2021

The Poly Network hacker has now returned $258 million to the cross-chain decentralized finance (DeFi) protocol and conducted a question-and-answer session detailing how the initial hack went down.

In what is being described as the largest DeFi hack to date, the Poly Network suffered a $612-million exploit on Tuesday that saw the hacker steal assets from Ethereum, Binance Chain and the Polygon Network.

Tom Robinson, the chief scientist at blockchain analytics firm Elliptic, told Forbes on Wednesday that the hacker has now returned roughly $258 million worth of funds to Poly so far — with $342 million yet to be returned.

I like how the PolyNetwork Exploiter is having an AMA right now... what a ridiculous space. pic.twitter.com/FBQieZqdQW

— Sam MacPherson (@hexonaut) August 11, 2021

The attacker stated their willingness to return the stolen funds on multiple occasions, which has led to suggestions that it may have been a white hat hack to teach Poly an expensive lesson about its security flaws.

However, that view wasn’t necessarily shared by Robinson, who stated that the returning of funds “demonstrates that even if you can steal crypto-assets, laundering them and cashing out is extremely difficult due to the transparency of the blockchain.”

The hacker conducted the Ask Me Anything (AMA) through messages embedded in Ethereum transactions. They appear to be a non-native English speaker, and their grand plan is lost in translation.

When asked why they were hacking and why the Poly protocol, in particular, the hacker states “for fun” and because “cross-chain hacking is hot.”

Despite such answers, they then proceed to claim the hack was conducted for noble causes and that they have since been transferring tokens between addresses only to keep them safe:

“When spotting the bug, I had a mixed feeling. Ask yourself what to do had you facing so much fortune. Asking the project team politely so that they can fix it? Anyone could be the traitor given one billion. I can trust nobody! The only solution I can come up with is saving it in a trusted account.”

“Now everyone smells a sense of conspiracy. Insider? Not me, but who knows? I take the responsibility to expose the vulnerability before any insiders hiding and exploiting it!” they added.

Users on Twitter noted that the hacker was asking for guidance on how to deposit funds into Tornado Cash, which is a decentralized protocol that enables private Ethereum transactions.

Hacker is literally begging for help. pic.twitter.com/JvoshUNfu2

— Sam naique03012009 (@Shane_Naique7) August 10, 2021

The attacker was also quizzed on why they had been selling and swapping some of the stolen stablecoins, to which they responded: “I was pissed by the Poly team for their initial response.”

The Poly team posted an open letter to the hacker on Wednesday that urged them to return the stolen assets as “law enforcement in any country will regard this as a major economic crime and you will be pursued.”

The hacker goes on to say that “they urged others to blame me and hate me before I had any chance to reply!” and that they had no intention of laundering the money:

“In the meanwhile, depositing the stables could earn some interest to cover potential cost so that I have more time to negotiate with the Poly team.”