This is estimates that over $ 600 million worth of cryptocurrency was stolen as a result of a hack into a protocol called Poly Network. And now whoever stole it seems to be giving it back, according to CNBC and Channel analysis. According to Bloomberg, this is quite possibly one of the biggest hacks in the decentralized finance space, or DeFi.
The Poly Network is a protocol that allows people to transfer cryptocurrencies between blockchains. And because of this bridge role, stolen goods come in the form of hundreds of different types tokens – from Ethereum to Binancefrom BNB to Dogecoin.
Poly Network quotes huge amount of stolen money in message to hacker, he posted on Twitter. The post begins with “Dear Hacker” and goes on to explain how the attacker is said to have trouble with law enforcement for robbing “people”.
The message may have worked. The hacker posted a series of messages (incorporating text into transactions sent to him), saying he was ready to return the stolen funds, but need a way to send them back to the Poly network. Poly Network addresses provided to send the crypto to, and the coins started to flow.
At 10:00 a.m.ET on Wednesday, around $ 5 million was returned, but it appears the attacker is getting rid of lower-value cryptos first. They integrated a message saying they were “DUMMER THE SHITCOINS FIRST”.
There have been several theories as to how the attack was carried out. A security team says that, according to his initial analysis, either the attacker was able to sign transactions with a legitimate private key, or he could exploit a bug to sign a message. Poly Network has rejected this analysis, claiming that the attackers exploited an interaction between two contracts. Poly Network highlighted looking for another security company who found similar results. Channel analysis said it will release a full analysis today.
It’s likely that we won’t know what really happened until further investigation is done, and we won’t know how well the hacker actually got away with it. It is possible that the crypto community will rally to the blacklist of stolen tokens, rendering them essentially worthless – it’s already done for about $ 33 million in tokens, but that wouldn’t be that easy for the rest of them. According to The block, the frozen holdings were USDT coins, which are controlled by a company called Tether. However, many of the other stolen coins are decentralized, which means that no entity can decide what can or cannot happen with them, and there is no promise as to what the community will decide to do. .
There is also the question of why the attacker started to return the funds. Yesterday, they posted a message that said, in part “not so much interested in the money, now considering returning tokens or just leaving them here.” Since then they have posted a message saying that returning the money (or saving the world, as they say) will make it “an eternal legend”. Corn another message they posted, soliciting donations from those who support their decision to return the funds, questions the “not so interested in the money”. Maybe they just return the funds out of fear that they won’t be able to use them or because they are fed up with the funds. hundreds begging for Robin Hood-style redistribution.