Hacker returns $600M to Poly Network, is offered position as Chief Security Advisor

[Cal Jeffrey]

In context: Last week, a hacker who stole more than $600 million in various cryptocurrencies began returning the ill-gotten gains. The hacker had exploited a weakness in the Poly Network platform of multiple blockchains to pull off the heist. At the time, he had returned almost half of the funds stolen.

This week nearly all of the crypto stolen from Poly Network has been returned, but then something bizarre happened. Instead of turning the thief, who Poly Network refers to as Mr. White Hat, over to authorities, the company hired him to be its Chief Security Advisor and gave him a $500,000 bug bounty for finding the exploit.

Poly Network said that it maintained constant communication with Mr. White Hat as he returned the crypto. He expressed concerns with the platform's "security and overall development strategy." The company was impressed enough with his abilities that it offered him a senior-level position at Poly Network.

#PolyNetwork has no intention of holding #mrwhitehat legally responsible and cordially invites him to be our Chief Security Advisor. $500,000 bounty is on the way. Whatever #mrwhitehat chooses to do with the bounty in the end, we have no objections. https://t.co/4IaZvyWRGz

— Poly Network (@PolyNetwork2) August 17, 2021

"We are also counting on more experts like Mr. White Hat to be involved in the future development of Poly Network since we believe that we share the vision to build a secure and robust distributed system," Poly Network wrote in a blog post. "Also, to extend our thanks and encourage Mr. White Hat to continue contributing to security advancement in the blockchain world together with Poly Network, we cordially invite Mr. White Hat to be the Chief Security Advisor of Poly Network."

At first glance, it may appear that Mr. White Hat was trying to undo his actions since there was no way to convert the already flagged cryptocurrency. However, when Poly Network offered him the $500,000 bounty, he turned it down. The company sent it to him anyway and told him to do whatever he wanted with it. The company said he had expressed that he may give it to the blockchain security community.

Regardless of whether Mr. White Hat was a benevolent security researcher or an actual black hat hacker that screwed up, hiring black and white hats is not uncommon. The general philosophy seems to be one of, who better to protect your network than the one who broke into it.

Image credit: B_A

Permalink to story.

https://www.techspot.com/news/90868-hacker-returns-600m-poly-network-got-hired-chief.html

 

[QuantumPhysics]

It’s so amazing nowadays that if you are smart enough to hack into / steal/ exploit expensive, and sensitive systems that you get job opportunities rather than executed.

 

[Thunder6230]

What was first the chicken or the egg?

 

[3volv3d]

It’s so amazing nowadays that if you are smart enough to hack into / steal/ exploit expensive, and sensitive systems that you get job opportunities rather than executed.

I do get your point, but let's face it, people, women got executed for not dying when they bled for a week. Ancestors were not smart.
They built a world that has for the most part been a complete failure. We do not often learn from our mistakes. And some of our best ideas have been thrown aside, for progress, and cash. Progress isn't always forwards if your going in the wrong direction.

So a hacker proves a system is flawed. Apologises and says happy to return the money. Keep your friends close and your enemies closer. Returning crypto and turning down a cash reward does kinda make you think he isn't a total chode.
Its just unfortunate that crypto may not be forward progress. I'm sure this world doesn't need more avacado and almond milk.

 

[VaRmeNsI]

After what happened with the Valve hacker 15+ years ago I'd be very cautious about accepting such an offer.

 

[0dium]

After what happened with the Valve hacker 15+ years ago I'd be very cautious about accepting such an offer.

Yeah, that's exactly what I was thinking about while reading the article

 

[hahahanoobs]

I like this idea.
These companies need all the help they can get, and the only people with the means of really testing their security are hackers. It's that simple.

 

[hahahanoobs]

Yeah, that's exactly what I was thinking about while reading the article

Keywords: Valve and 15 years ago

 

[Todd Sauve]

I think anyone who steals $600 million dollars should be in jail. Not running the security of any entity. But it rather reveals the moral mindset of the entire bitcoin operation, doesn't it?

 

[SG736F6]

Oops, replied to wrong post.

 

[SG736F6]

After what happened with the Valve hacker 15+ years ago I'd be very cautious about accepting such an offer.

What happened?

 

[kimo1]

What happened?

To anyone who's wondering:
https://www.wired.com/2008/11/valve-tricked-h/

Or put into your search engine: "valve got hacked, offered job"

Summary:

After the secret source code for its then-unreleased shooter* Half Life 2* showed up on file sharing services in 2003, game-maker Valve Software cooked up an elaborate ruse with the FBI targeting the German hacker suspected in the leak, even setting up a fake job interview in an effort to lure him to the United States for arrest.

 

[Fimbulvetr]

What happened?

https://www.wired.com/2008/11/valve-tricked-h/

 

[Wereweeb]

I do get your point, but let's face it, people, women got executed for not dying when they bled for a week. Ancestors were not smart.
They built a world that has for the most part been a complete failure. We do not often learn from our mistakes. And some of our best ideas have been thrown aside, for progress, and cash. Progress isn't always forwards if your going in the wrong direction.

So a hacker proves a system is flawed. Apologises and says happy to return the money. Keep your friends close and your enemies closer. Returning crypto and turning down a cash reward does kinda make you think he isn't a total chode.
Its just unfortunate that crypto may not be forward progress. I'm sure this world doesn't need more avacado and almond milk.

"Forward progress" apparently is grown adults b*tching and crying about avocado and almond milk in a tech forum?

Anyway, nothing out of the ordinary with this news story.

 

[3volv3d]

"Forward progress" apparently is grown adults b*tching and crying about avocado and almond milk in a tech forum?

Anyway, nothing out of the ordinary with this news story.

Lol. I don't know if you even get my point.
But OK Buddy

 

[IksPiks]

https://www.wired.com/2008/11/valve-tricked-h/

"If somebody could point us in the right direction... It would be great." - Gabe Newell
Ole Gabe as cheap then as he is today. Recently Valve rewarded a guy with $7500 for finding an exploit that allowed unlimited funds on a Steam account.