In this episode of the BeInCrypto video news show, host Jessica Walker addresses the Poly Network Hack. Last week saw one of the biggest crypto hacks ever, with almost $600 million in crypto being taken from the Poly Network. As of this recording most of the money seems to have been returned, but there’s also a catch.
In an unusual turn of events Wednesday, an anonymous person claiming to be the hacker said they were “ready to return” the funds. Poly Network requested they send the money to three digital currency wallets. And, sure enough, the hacker had returned more than $342 million of the funds to those wallets by Thursday.
Nearly all of the $600 million has now been returned by hackers, according to the platform targeted in the hack. Poly Network said Thursday that all of the funds except $33 million worth of the Tether stablecoin have been transferred back. The issuer of Tether used a built-in fail-safe to freeze the assets soon after the theft.
… with a catch
But there’s a catch. While almost all of the haul has been sent back to Poly Network, the last $268 million of assets is locked in an account that requires passwords from Poly Network and the hacker to gain access. In a message embedded in a digital currency transaction, the suspected hacker said they would “provide the final key when _everyone_ is ready.”
Record ‘DeFi’ hack
The Poly Network is a collaborative project helmed by Ontology, Neo and Switcheo. It seeks to foster integration between blockchains into the larger cross-chain ecosystem. Thanks to its infrastructure, the protocol allows users to swap tokens across different blockchains seamlessly.
In the case of Poly Network’s hack, someone compromised the DeFi system, which allows users to transfer tokens from one blockchain to another. By exploiting a vulnerability in Poly Network’s code, the hacker was able to transfer tokens to their own crypto wallets. The self-proclaimed hacker claims they carried out the theft “for fun” and that it was “always the plan” to eventually return the funds.
After determining the hacker’s motives to be completely clean, a spokesperson for the Poly Network said that the company was willing to offer the individual — whom the company dubbed “Mr. White Hat,” — a $500,000 bounty. The message read, “We will send you the 500k bounty when the remaining funds are returned, except the frozen USDT.” Surprisingly, the hacker politely refused, stating that he never responded to the offer. “I will send all of their money back,” he said, signing off.
The hacker shared what appears to be a statement from Poly Network promising that they would “not be held accountable for this incident,” effectively granting them immunity. Offering immunity may have sounded like a smart move from Poly Network to dangle a carrot, but it is unlikely that the authorities would agree with this decision nor even allow it.
All the information contained on our website is published in good faith and for general information purposes only. Any action the reader takes upon the information found on our website is strictly at their own risk.