Huge Hack of DeFi Poly Network. About 600 Million Dollars Were Stolen
On Tuesday, August 11, the DeFi Poly Network was hacked. According to preliminary data, about 600 million dollars in cryptocurrency were stolen.
The Poly Network protocol, which runs on Binance Smart Chain, Ethereum, and Polygon, was launched by the founder of the Neo blockchain project. A blatant hacker attack on the Poly Network paralyzed every chain one after another.
However, the Poly team identified three addresses to which the stolen assets were transferred.
When Poly announced the attack on Twitter, the addresses listed had a total of about $600 million in various cryptocurrencies.
The Poly Network team urged miners and crypto exchanges affected by the attack to ban the tokens coming from the specified wallets.
Tether responded with lightning speed and froze approximately $33 million in connection with the hack.
About an hour after reporting the attack, the hacker attempted to move the stolen assets through the Ethereum address to the Curve.fi liquidity pool. The deal was rejected.
However, about $100 million was transferred from the Binance Smart Chain address to the Ellipsis Finance liquidity pool.
BlockSec, a Chinese blockchain security company, stated in its initial analysis of the attack that the hack could have been caused by a leak of the private key used to sign the interconnect message.
According to another Chinese blockchain security firm, Slowmist, the attack was long-planned, organized and well-thought-out.
A spokesperson for Binance Smart Chain told CoinDesk that several unreliable bridges have recently fallen victim to similar attacks, and recommended to carry out a system security audit and be very attentive before interacting with any projects.
The spokesman added that BSC is currently working with its security partners to provide maximum support for the cybercrime investigation.
According to CoinDesk, on August 11, the hacker got in touch and said that he was ready to return the stolen money.
The hacker embedded the statement into an Ethereum transaction, which he sent to himself at about 07:00 Moscow time. The hacker also added that he was unable to contact the Poly Network and asked for a multisig wallet address in order to get the funds back.
The project representatives created three wallets in the hope that the organizer of the attack will keep his word.
The hacker added that after this multimillion-dollar cyberattack, he has already become a legend, and the return of the money will ensure his place in history.