Jump to content
  • Hacker behind biggest cryptocurrency heist ever returns stolen funds


    Karlston

    • 620 views
    • 3 minutes
     Share


    • 620 views
    • 3 minutes

    The threat actor who hacked Poly Network's cross-chain interoperability protocol yesterday to steal over $600 million worth of cryptocurrency assets is now returning the stolen funds.

     

    As the Chinese decentralized finance (DeFi) platform Poly Network shared two hours ago, the hacker has already returned almost $260 million worth of stolen cryptocurrency.

     

    In total, the attacker has transferred back $256 million Binance Smart Chain (BSC) tokens, $3.3 million in Ethereum tokens, and $1 million in USD Coin (USDC) on the Polygon network.

     

    To send back all the stolen funds, the hacker still has to return another $269 million on Ethereum and $84 million on Polygon.

    Motives behind returning the stolen assets unknown

    The threat actor explained the motivation for the hack by embedding Q&A messages in transactions (as Elliptic Chief Scientist and Co-founder Tom Robinson found), the motives behind their decision to give back the stolen cryptocurrency are not yet known.

     

    However, it could have been prompted by blockchain security firm SlowMist's claims that it traced the attacker's email address, IP address, and device fingerprint.

     

    SlowMist also discovered that the assets used to fund the attack were Monero (XMR) exchanged to BNB, ETH, MATIC, and other tokens.

     

    In a weird twist of events, Poly Network also urged the hacker to return the cryptocurrency stolen from "thousands of crypto community members" to avoid landing on law enforcement's radar.

     

    The biggest cryptocurrency hack ever

    Following a preliminary investigation of the attack, Poly Network said the threat actor exploited a vulnerability between contract calls which allowed them to gain ownership of funds and transfer them to attacker-controlled wallets:

     

     

    "This attack is mainly because the keeper of the EthCrossChainData contract can be modified by the EthCrossChainManager contract, and the verifyHeaderAndExecuteTx function of the EthCrossChainManager contract can execute the data passed in by the user through the _executeCrossChainTx function," SlowMist further explained.

     

    "Therefore, the attacker uses this function to pass in carefully constructed data to modify the keeper of the EthCrossChainData contract."

     

    After Poly Network disclosed the attack, Binance CEO Changpeng Zhao said the company was coordinating with security partners to remediate the situation.

     

    OKEx, Tether, and Huobi also added that their security teams were working on freezing cryptocurrency assets identified as stolen in the attack.

     

     

    Hacker behind biggest cryptocurrency heist ever returns stolen funds


    User Feedback

    Recommended Comments

    There are no comments to display.



    Join the conversation

    You can post now and register later. If you have an account, sign in now to post with your account.
    Note: Your post will require moderator approval before it will be visible.

    Guest
    Add a comment...

    ×   Pasted as rich text.   Paste as plain text instead

      Only 75 emoji are allowed.

    ×   Your link has been automatically embedded.   Display as a link instead

    ×   Your previous content has been restored.   Clear editor

    ×   You cannot paste images directly. Upload or insert images from URL.


  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...