The hacker does an about-face
Tuesday August 10 marks a dark day for the decentralized finance sector (DeFi). More than 600 million euros have been stolen by a hacker, exploiting a flaw in the Poly Network multi-chain protocol.
However, the next day, a breakthrough came to give a bit of hope to the Poly Network team. The most prolific hacker in the history of cryptocurrency has turned around and is now ready to return the stolen funds.
At around 10 a.m. this morning (4 a.m. in the US), the hacker made a blockchain transaction to himself. A note was embedded in the transaction message stating: “ready to return funds”.
Information on the transaction operated by the hacker – Source: Etherscan
Some time later, the hacker repeated the operation, this time recording that he had “failed to contact Poly,” then asked for “a secure multisig address.”
On its Twitter account, the Poly Network team was quick to respond. Following the protocol adopted by the hacker, the team indicated in a network transaction intended for them that they were preparing “a multisig address controlled by known Poly addresses”.
In the process, three separate addresses were communicated to the hacker so that he returned the stolen funds to the network.
👉 Find more details of the case – More than 600 million dollars stolen from the Poly Network protocol – The biggest crypto-hack of all time
A potential “white hat” hacker
According to the Poly Network team, the attacker has already returned 4.7 million dollars. First, he returned $ 1 million in USDC on the Polygon blockchain. This was achieved in three transactions whose amounts gradually increased (10, 10,000 and 1 million).
Subsequently, he also handed over $ 1.1 million in BTCB, a token linked to bitcoins on the Binance Smart Chain. Finally, $ 2 million in SHIB and $ 600,000 in FEI, a stablecoin, were found to be their owners.
So far, we have received a total value of $ 4,772,297.675 assets returned by the hacker.
ETH address: $ 2,654,946.051
BSC address: $ 1,107,870.815
Polygon address: $ 1,009,480.809 pic.twitter.com/bPFAQk4mvS
– Poly Network (@ PolyNetwork2) August 11, 2021
On social networks, several Internet users have questioned the nature of this mysterious hacker. Among them, the developer O3Labs responded to Poly Network’s tweet by suggesting a potential “white hat” hacker. These cybersecurity specialists are actually hackers with good intentions. Their objective is in particular to highlight flaws in a protocol.
For other Internet users, the hacker would have simply acted in response to the pressure. Indeed, a few hours after the theft, the blockchain security company Slowmist claimed to have already found the attacker’s IP address and email address.
In a message posted to Weibo on Tuesday, Slowmist hinted that the attacker used a little-known Chinese exchange, Hoo, to raise the funds needed for the attack. This therefore suggests that his digital footprint was identified from the start.
Currently, it is therefore still too early to qualify our hacker. However, we will closely follow the continuation of this case and the progress of the reimbursements.
👉 On the same theme – THORchain: a new attack and a warning from a “white hat” hacker
Receive a recap of crypto news every Sunday 👌 And that’s it.
About the Author: Lilian Aliaga
Freelance writer located between Paris and Toulouse. I want to share my passion for the world of cryptocurrencies with as many people as possible. I am also interested in technical analysis and trading.
All articles by Lilian Aliaga.