The Poly Network: what happened with the hacking and how it ended

Poly Network is a decentralized finance (the so-called DeFi) platform that makes easy peer-to-peer transactions, facilitating the transfer or swap tokens across different blockchains. As stated by the developers, the network is built to implement interoperability between multiple chains in order to build the next-generation internet infrastructure. Poly Network claims to be able to make these various blockchains work with each other.

On August 10, a hacker found a breach in the digital contracts and managed to move through the network’s assets. Thus the hacker, defined as “white hat”, managed to steal over 600 million dollars in cryptocurrency. The hacker is called “Mr White Hat”, so we can call him a good hacker, with no bad intentions. The way the story went on and how Poly Network responded to the attack is truly amazing.

It’s the biggest money heist in the history of decentralized finance. This attack has surpassed the $534.8 million in digital coins stolen from Coincheck in 2018. In a press release, Polynetwork immediately tried to communicate with the attacker. Since it is a real theft, the crime is serious and punishable by law, so the victims of the attack ask to communicate to find a solution together. Once the hacker started stealing the money, he transferred the assets to different addresses, this through a long and planned organization. Meanwhile, PolyNetwork is working on trying to trace the identity of the hacker or hackers.

In a tweet poly network published the data to resist the assets and, in a strange succession of events, the next morning the hackers decided to return a small portion of the stolen money.

  • 7 a.m: more than $4.8 million had been returned to the Poly Network.
  • 11 a.m. ET, about $258 million had been sent back.

Tom Robinson, chief scientist of blockchain analytics firm Elliptic, said via email:

“I think this demonstrates that even if you can steal cryptoassets, laundering them and cashing out is extremely difficult, due to the transparency of the blockchain and the use of blockchain analytics,”

“In this case the hacker concluded that the safest option was just to return the stolen assets.”

 

As stated by Poly Network, this attack has to do with the entire blockchain industry. For as long as DeFi has existed, there have always been attempts to attack and fraud has occurred. Millions of funds have already been robbed on other occasions. Securing is now a priority, and as a result of this attack, many have offered to help PolyNetwork and increase DeFi’s defenses.

Indeed, the victims of this attack were able to have the help of several personalities and companies experts in the blockchain and, incredibly, Mr. White Hat wanted to collaborate with the PolyNetwork. On Thursday, more than $ 342 million of assets were returned. The haul is about to be returned in full, but $ 268 million remains in an account that requires both PolyNetwork and the hacker passwords to gain access.

It’s likely that keys held by both Poly Network and the hacker would be required to move the funds — so the hacker could still make these funds inaccessible if they chose to,

Tom Robinson, chief scientist of blockchain analytics firm Elliptic.

In a message embedded in a digital currency transaction, the suspected hacker said they would “provide the final key when _everyone_ is ready.”

In a message, the hackers claimed that Poly Network offered them $ 500,000 to return all the stolen money. The attackers turned down the offer, even though PolyNetwork said it would guarantee their immunity and would not hold them responsible for the theft. Subsequently, Poly Network activated a reward for all the best DeFi security agencies, providing them with a share of $ 500,000 to better protect assets and improve their security.

In the third phase, the hacker is about to restore all the money, now over $ 400 million, and Poly Network has added a new $ 100,000 reward for anyone who finds a reward. Following the last updates, Mr. White Hat has returned assets that worth $427 million and they have restored the cross-chain functionality for 31 assets. PolyNetwork is still donating money for the bug bounty. This case demonstrates how stricter security systems occur in DeFi and blockchain, how people need to join systems together and how complicated it is for hackers to return stolen assets since the computer code on which the networks rely has no legal status.

Post a comment:

Comment

Type at least 1 character to search
Elsewhere: