What just happened? Hackers stole over $600M in crypto assets from PolyNetwork, but it looks like they're not keeping it all to themselves. Soon after the hack, the culprits started to return some of the assets. At the moment, they've sent back about $256M worth of crypto, leaving $355M left in their hands.
PolyNetwork is a cross-chain protocol resulting from a partnership between Neo, Ontology, and Switcheo, where users can swap crypto tokens across numerous blockchains, including Bitcoin, Ethereum, and Ontology. While useful, it also makes it a big target for hackers looking to steal crypto assets, as multi-chain protocols usually move loads of money.
The hacker reportedly took about $611M in crypto assets from PolyNetwork, making it the largest DeFi hack ever. Out of these $611M, $273M were Ethereum tokens, $253M were tokens from the Binance smart chain, and the remaining $85M were USDC tokens from the Polygon network.
About $33M of the $273M in Ethereum tokens are USDT, which are now blacklisted.
As a stablecoin, USDT is centralized and controlled by Tether. Therefore, all stolen tokens can be blacklisted if the company deems it necessary, rendering them unusable. Binance CEO Changpeng Zhao said that they "are coordinating with all [their] security partners to proactively help," but "there [were] no guarantees" that they would be able to return the assets.
Soon after the attack, the blockchain security firm SlowMist tracked down the hacker, claiming it knew the email address, IP and device fingerprint. SlowMist offered to share the hacker' information with PolyNetwork to help the company track him down. PolyNetwork also shared a letter asking the hacker to retrieve the money.
After SlowMist claims came to the public, the hacker returned $4.7M alongside a private note stating: "It would have been a billion hack if I had moved remaining shitcoins! Did I just save the project? Not so interested in money, now considering returning some tokens or just leaving them here."
About seven minutes after this transaction, he created the "The hacker is ready to surrender" token and sent it to a Polygon address. First, he retrieved $1.01001M in USDC to the Polygon network in three transactions of $10, $10,000, and $1M. These transactions were then followed by three others of 23.8 BTCB ($1.1 million), 259.7 billion SHIBA tokens ($2 million), and $600,000 in FEI (a stablecoin).
Since then, he retrieved everything he stole from the Binance smart chain, transferring 1,000 in BTCB ($46.4M), 26,629 in ETH ($86M), $119M in BUSD and $2.6M in BNB. Now, it remains to see if it will retrieve the USDC and ETH tokens still in its possession.