Hacker returns $260m of Poly Network’s stolen coins

Read time 2min 40sec

A hacker has returned some of the money stolen from Poly Network, a global platform that looks to connect different blockchains so they can work together.

In a Twitter post, Poly Network said as of 11 August, 04:18:39 PM +UTC, the hacker had returned $260 million.

Yesterday, the blockchain company pleaded with the hacker to return over $600 million siphoned from the company.

“We want to establish communication with you and urge you to return the hacked assets. The amount you hacked is the biggest one in DeFi [decentralised finance] history. Law enforcement in any country will regard this as [a] major economic crime and you will be pursued. It is very unwise for you to do any further transactions.”

The company added its team traced the stolen assets to three addresses, and asked token issuers to blacklist tokens coming from those addresses.

DeFi is a blockchain-based form of finance that does not rely on central financial intermediaries such as brokerages, exchanges, or banks to offer traditional financial instruments, and instead utilises smart contracts on blockchains, the most common being Ethereum.

In its latest post, Poly Network says the assets returned by the hacker are $3.3 million worth of Ethereum, $256 million on BCS, as well as $1 million on Polygon.

The remainder is $269 million in Ethereum and $84 million in Polygon, says the company.

Poly Network operates on the Binance Smart Chain, Ethereum and Polygon blockchains. Tokens are swapped between the blockchains using a smart contract, which contains instructions on when to release the assets to the counterparties.

Coindesk reports that before starting the return, the hacker embedded a message in a transaction with himself: “Accept donations to ‘the hidden signer’ now. Encrypt your msg with his pubkey.”

It adds the hacker has been embedding messages to transactions with his own addresses to communicate with the world.

According to Coindesk, dozens of people have used the same method to ask for handouts.

Earlier Wednesday, it notes, the hacker used the same approach to say he was ready to return the funds.

He then said he was unable to get in touch with Poly Network and asked for multi-signature wallets.

The report says Poly Network, which had been calling for the funds’ return, prepared wallets on Ethereum, Binance Smart Chain and Polygon, the three blockchains the hacker has been using.

O3 Labs, a Tokyo-based blockchain developer associated with Poly Network’s affiliate Neo, said the hacker might be a so-called “white-hat” hacker.

Returning the funds indicates the hacker wasn't after his own gain, like a so-called “black-hat” hacker, but wanted to expose vulnerabilities to make the project more robust.

According to the report, the attack took advantage of a bug within Poly Network's cross-chain smart contract, security company SlowMist said.

See also