The attacker who 24 hours ago stole more than $600 million in cryptocurrencies from the DeFi protocol, Poly Network, is returning part of the stolen digital assets. The service dedicated to decentralized finance and the operation of multiple blockchains, announced today, Wednesday, August 11, that it established contact with the hacker.
At the time of publishing this article, the hacker has returned about $256 million worth of cryptocurrencies, especially tokens on the Binance Smart Chain. According to block explorer BscScan, the attacker returned $119 million in BUSD; $86.9 million in Binance Ethereum Token and another $47.9 million in BTCB. Another $2 million in SHIBA was also resent
Earlier, Poly Network broadcast
that the attacker had returned $4,772,297. Although the person involved returned a portion of the funds, there would be no guarantees that he would return the entirety of the stolen cryptocurrencies. The first tokens returned were distributed as follows:
The cryptocurrencies sent to the addresses arranged by Poly Network represent less than half of what was stolen. The above could be interpreted as a sign of the hacker’s “good faith” with the DeFi service to return the rest of the digital assets.
Prior to the first funds transfer, the attacker created a token on Polygon called “The hacker is ready to surrender
“. Subsequently, he made four transactions with USD Coin on the blockchain in the amounts of $1, $100, $10,000 and $1 million. <img width=”1024″ height=”250″ src=”https://mk0criptonoticijjgfa.kinstacdn.com/wp-content/uploads/2021/08/transacciones-devolucion-fondos-robados-poly-network-1024×250.jpg 1024w, https://mk0criptonoticijjgfa.kinstacdn.com/wp-content/uploads/2021/08/transacciones-devolucion-fondos-robados-poly-network-300×73.jpg 300w, https://mk0criptonoticijjgfa.kinstacdn.com/wp-content/uploads/2021/08/transactions-devolution-funds-stolen-poly-network-768×187.jpg 768w, https://mk0criptonoticijjgfa.kinstacdn.com/wp-content/uploads/2021/08/transacciones-devolucion-fondos-robados-poly-network-1536×375.jpg 1536w, https://mk0criptonoticijjgfa.kinstacdn.com/wp-content/uploads/2021/08/transacciones-devolucion-fondos-robados-poly-network-560×137.jpg 560w, https://mk0criptonoticijjgfa.kinstacdn.com/wp-content/uploads/2021/08/transacciones-devolucion-fondos-robados-poly-network-750×183.jpg 750w, https://mk0criptonoticijjgfa.kinstacdn.com/wp-content/uploads/2021/08/transacciones-devolucion-fondos-robados-poly-network-1140×278.jpg 1140w, https://mk0criptonoticijjgfa.kinstacdn.com/wp-content/uploads/2021/08/transacciones-devolucion-fondos-robados-poly-network.jpg 1844w” alt=” /> The person involved in the hack created a token to announce that he was willing to surrender. He then made four transactions to attest to his decision. Source: Polygonscan.
Upon receiving the first cryptocurrencies, Poly Network sent a message back via another transaction stating
, “You are moving things in the right direction. We received 1+M USDC in Polygon.”
Cause of the attack on Poly Network
The DeFi service launched an investigation into what happened on Tuesday. Initial forensic findings suggest that the attacker exploited a vulnerability among the so-called “contract calls“. A contract call refers to when a user requests a specific function of a smart contract
What happened with Poly Network was analyzed by blockchain research firm Slow Mist, which issued a technical report on the event. According to the cybersecurity agency, the hacker tapped the verifyHeaderAndExecuteTx function of the EthCrossChainManager
This action allowed him to execute a role change and build a transaction at will to withdraw any amount of funds from the contract. “It is not the case that this event was caused by the private key leak,” Slow Mist added.
CryptoNews reported this Tuesday, August 10, what happened to Poly Network. It would be the most relevant attack in the history of DeFi due to the amounts involved. The security of this type of services has been questioned before, which has been reflected in multiple attacks, hacks and theft of funds.