Hacker who stole $611M in crypto assets has started to return it

jsilva

Posts: 197   +1
Staff
What just happened? Hackers stole over $600M in crypto assets from PolyNetwork, but it looks like they're not keeping it all to themselves. Soon after the hack, the culprits started to return some of the assets. At the moment, they've sent back about $256M worth of crypto, leaving $355M left in their hands.

PolyNetwork is a cross-chain protocol resulting from a partnership between Neo, Ontology, and Switcheo, where users can swap crypto tokens across numerous blockchains, including Bitcoin, Ethereum, and Ontology. While useful, it also makes it a big target for hackers looking to steal crypto assets, as multi-chain protocols usually move loads of money.

The hacker reportedly took about $611M in crypto assets from PolyNetwork, making it the largest DeFi hack ever. Out of these $611M, $273M were Ethereum tokens, $253M were tokens from the Binance smart chain, and the remaining $85M were USDC tokens from the Polygon network.

About $33M of the $273M in Ethereum tokens are USDT, which are now blacklisted.

As a stablecoin, USDT is centralized and controlled by Tether. Therefore, all stolen tokens can be blacklisted if the company deems it necessary, rendering them unusable. Binance CEO Changpeng Zhao said that they "are coordinating with all [their] security partners to proactively help," but "there [were] no guarantees" that they would be able to return the assets.

Soon after the attack, the blockchain security firm SlowMist tracked down the hacker, claiming it knew the email address, IP and device fingerprint. SlowMist offered to share the hacker' information with PolyNetwork to help the company track him down. PolyNetwork also shared a letter asking the hacker to retrieve the money.

After SlowMist claims came to the public, the hacker returned $4.7M alongside a private note stating: "It would have been a billion hack if I had moved remaining shitcoins! Did I just save the project? Not so interested in money, now considering returning some tokens or just leaving them here."

About seven minutes after this transaction, he created the "The hacker is ready to surrender" token and sent it to a Polygon address. First, he retrieved $1.01001M in USDC to the Polygon network in three transactions of $10, $10,000, and $1M. These transactions were then followed by three others of 23.8 BTCB ($1.1 million), 259.7 billion SHIBA tokens ($2 million), and $600,000 in FEI (a stablecoin).

Since then, he retrieved everything he stole from the Binance smart chain, transferring 1,000 in BTCB ($46.4M), 26,629 in ETH ($86M), $119M in BUSD and $2.6M in BNB. Now, it remains to see if it will retrieve the USDC and ETH tokens still in its possession.

Image credit: DrawKit Illustrations and Art Rachen

Permalink to story.

 

NightAntilli

Posts: 774   +973
DeFi is bound to have some bugs since we're still early. But the Binance Smart Vhain is the main target of hacks. I don't know why people still trust anything that works with it.
 

Karlos95

Posts: 190   +122
Just exactly what are you calling a "prepared coordinated hack"? That is seeing you don't think this was one.
1 guy can do similar damage to multiple guys when it comes to hacking. Just depends on the size of the brain.

Also, the beautiful thing about crypto, (bitcoin as an example) it evolves over time, so hackers can hack the crap out of it, gov's can try to regulate it, but at the end of the day, it just gets better with time and the nay sayers on crypto continue to look like the fools.
 

cliffordcooley

Posts: 12,990   +6,310
Also, the beautiful thing about crypto, (bitcoin as an example) it evolves over time, so hackers can hack the crap out of it, gov's can try to regulate it, but at the end of the day, it just gets better with time and the nay sayers on crypto continue to look like the fools.
This had nothing to do with my question. It is however your normal hogwash.
 

emmzo

Posts: 348   +332
Just exactly what are you calling a "prepared coordinated hack"? That is seeing you don't think this was one.
I was thinking coordinated like russian style hacks, hundreds of hackers collectively working to deliver a powerful blow. Idk if that was the case here, I was under the impression there was only one guy and there`s so much one guy can do even if he`s prepared.
 

cliffordcooley

Posts: 12,990   +6,310
Hogwash? Just a fact mate. Get over it.
The hogwash part of your comments is where you assert Bitcoin taking over national currency. That is false. Bitcoin would be nothing without the stability of national currency. If a nations currency collapses, so would Bitcoin in that nation. Bitcoin can not survive on its own without stabilization. Which means without regulation. "Just a fact mate. Get over it."
 

Karlos95

Posts: 190   +122
The hogwash part of your comments is where you assert Bitcoin taking over national currency. That is false. Bitcoin would be nothing without the stability of national currency. If a nations currency collapses, so would Bitcoin in that nation. Bitcoin can not survive on its own without stabilization. Which means without regulation. "Just a fact mate. Get over it."
Have you not seen what has happened in Venezuela!? You are literally saying something won't happen when it already has. Just because it is your opinion doesn't make it fact.
Like I said, get over it. Sorry your poor debt ridden USD is looking sadder by the decade.
 

cliffordcooley

Posts: 12,990   +6,310
Like I said, get over it.
I haven't gambled anything away. Nothing for me to get over. And like I said earlier none of this BS has anything to do with my question in the first comment I made. Yet you felt the need to push your crap. So yes you do have something to get over. Stop thumping your bitcoin. Not all of us are swallowing your hypocrisy.
 

Karlos95

Posts: 190   +122
I haven't gambled anything away. Nothing for me to get over. And like I said earlier none of this BS has anything to do with my question in the first comment I made. Yet you felt the need to push your crap. So yes you do have something to get over. Stop thumping your bitcoin. Not all of us are swallowing your hypocrisy.
Funny thing is, I don't own any Bitcoin.
I am just stating facts that a lot of users on this forum tend to say they aren't when they haven't done the slightest research. Calling it hogwash is pretty much calling the kettle black.

Back to your original question "Just exactly what are you calling a "prepared coordinated hack"? That is seeing you don't think this was one."

Like I said, it evolves, so having a coordinated attack (whether it was one or wasn't) wouldn't matter too much as it will just come out stronger by the community. Simple.