Cyberhacker returns over $260 million in cryptocurrency

By Laura Berrill
The headline-grabbing haul saw a cybercriminal steal more than $600 million in cryptocurrency from the Poly Network

The hacker behind what has been dubbed the largest decentralised finance platform hack in history has returned some of what they stole last week and sent back approximately $260 million of the more than $600 million in stolen cryptocurrency. 

The Poly Network -- a "DeFi" platform that works across blockchains -- said the unknown culprit behind the attack has so far returned $256 million in BSC, $1 million from Polygon and $3.3 million in Ethereum. 

The company noted that there is still $269 million in Ethereum, as well as $84 million in Polygon that needs to be returned. It attributed the attack to a vulnerability that was exploited concerning contract calls. However it added the exploit "was not caused by the single keeper as rumored”. 

Online researchers had tied the attack to a Poly Network privileged contract called the “EthCrossChainMananger."

Reasons behind crypto attacks 

In addition to returning the money, the hacker included a three part Q&A where they explained some of their reasoning. The attacker, in a post which was shared by Elliptic co-founder Tom Robinson, said they found a bug in Poly Network's system and contemplated what to do from there. They eventually decided to steal the money available and transfer it into another account. 

They tried to paint their actions as altruistic and said they were trying to expose the vulnerability before it was exploited by "an insider." They claim to be completely protected because they used anonymous email addresses and IPs. The attacker described the Poly Network as a ‘decent system’ and said it was ‘one of the most challenging attacks that a hacker can enjoy’.

The attacker added: "I didn't want to cause real panic in the crypto world. So I chose to ignore rubbish coins, so people didn't have to worry about them going to zero. I took important tokens (except for Shib) and didn't sell any of them."

Eventually the attacker began to sell or swap stablecoins because they were unhappy with how Poly Network responded to the attack and suggested the company should have learned something from the experience.

The culprit noted that they were moving slowly in returning the money because they needed rest, more time to negotiate with Poly Network and also needed to "prove" their dignity while hiding their identity. 

The statement went to say that the attacker wanted to help Poly Network with its security because of its importance to the cryptocurrency industry. 

Ripple effects of crypto attacks

The audacious attack sent shockwaves through the blockchain and cryptocurrency communities as Poly Network sought to respond. The company works across blockchains for Bitcoin, Ethereum, Neo, Ontology, Elrond, Ziliqa, Binance Smart Chain, Switcheo, and Huobi ECO Chain.

Poly Network had begged the hacker to return the money and threatened to prosecute the perpetrator as a major economic crime. The team went on: "It is very unwise for you to do any further transactions. The money stole are from tens of thousands of crypto community members, hence the people. You should talk to us to work out a solution. We call on miners of affected blockchain and crypto exchanges to blacklist tokens coming from the above addresses."

The company also appealed to miners across affected blockchain and crypto exchanges like Binance, Tether, Uniswap, HuobiGlobal, OKEx, Circle Pay and BitGo to blacklist any tokens coming from these addresses.

Hank Schless, senior manager at Lookout, told ZDNet that DeFi has "become a primary target for cybercriminals" and a recent report from CipherTrace found that attacks on DeFi caused an all-time high number of losses for the first half of 2021. 

The DeFi community saw a record loss of $474 million between January and July this year thanks to cybercriminals. 

The attack on Poly Network is bigger than other headlining cryptocurrency attacks like the $550 million hack of Coincheck in 2018 and the $400 million Mt. Gox hack in 2014

 

Share

Featured Articles

Google delays launch of long-anticipated Gemini AI model

The tech giant has pushed back the launch of its new conversational AI model, Gemini AI, amid speculation over if it can out-perform competitor models

Atos to deliver critical IT services to UEFA EURO 2024

IT service and consulting company Atos will deliver key on-site and remote IT services for the UEFA EURO 2024 taking place in Germany in June

Orange cyber report: highest number of victims ever recorded

Orange Cyberdefense's Security Navigator 2024 reveals the highest number of cyber extortion victims recorded, with an increase of 46% worldwide in 2023

ChatGPT turns one: How AI chatbot has changed the tech world

AI & Machine Learning

AWS announces AI tool Amazon Q to reimagine future of work

AI & Machine Learning

Deloitte & IBM: Data solutions driving tech sustainability

Data & Data Analytics