By Hannah Perez
The hacker behind the USD $600 million hack of Poly Network did an ‘AMA’ to answer questions about the attack. He admits it was for “fun” but that his intentions were good.
One of those moments when reality overcomes fiction. What started as a tragic mass hacking attack on Poly Network continues to unfold as a sort of reality show
in the crypto space.
Making good on his promise, the hacker responsible for the Poly Network cross-chain protocol hack , which resulted in the theft of at least USD $610 million in cryptocurrencies, has returned about 55% of the funds extracted. The platform’s developer team updated the information on its Twitter feed
USD $342 million of assets have been returned:
Ethereum: USD $4.6 million
BSC: USD $253 million
Polygon: USD $85 million
$342 million (As of 12 Aug 08:18:29 AM +UTC) of assets had been returned:
The remaining is $268M on Ethereum
– Poly Network (@PolyNetwork2) August 12, 2021
As reported by DiarioBitcoin, on Tuesday the Poly Network platform, a decentralized interoperability protocol between Blockchain, fell victim to a hack that has been labeled as the largest DeFi attack in history. As such, attackers breached the protocol from three blockchains: Binance Smart Chain (BSC), Polygon and Ethereum
, from where they extracted funds in various cryptocurrencies.
Then, a day later, in an unexpected turn of events, the hacker
– or group of attackers – contacted the protocol’s developers to state their willingness to return the stolen fortune.
“Ready to return the funds!“, the hacker had written in a message attached to a transaction from the breached Ethereum address. He also added in another message saying that he had made up his mind because he would become an “eternal legend” with his action of “saving the world
how it should continue
The truth is that it seems the anonymous attacker’s heroic pretensions didn’t end there, and now he’s taken on the role of a celebrity, or something like it. In another curious turn of events, the hacker held a question and answer session, or Ask-Me-Anything (AMA), to reveal the details of the attack.
Sam MacPherson, co-founder and CTO of software design firm Bellwood Studios, shared screenshots of the AMA on Twitter. “I like how the PolyNetwork Exploiter is having an AMA right now… what a ridiculous space,” he said.
I like how the PolyNetwork Exploiter is having an AMA right now… what a ridiculous space. pic.twitter.com/FBQieZqdQW
– Sam MacPherson (@hexonaut) August 11, 2021
During the Q&A, the mystery hacker again expressed his willingness to return the funds and clarified that this had always been part of the plan. He also suggested that the attack was meant to teach Poly Network’s developers a lesson in security.
That was always the plan! I’m not really interested in the money! I know it hurts when people get attacked, but shouldn’t they learn something from those attacks?
“I announced the decision to return [the funds] before midnight so that people who had faith in me could have a good rest ,” the hacker added. He went on to detail the reasons for the attack, stating that he had been “forced to play the game“, although he did pretend that it was the ethically correct decision in such a scenario. At the end of the day, there was a flaw in the protocol and had it not been him, another hacker – probably a malicious one – could have exploited it:
Seeing the bug, I had mixed feelings. Ask yourself what you would do if you were faced with such a fortune: Politely ask the project team to fix it? Anyone could be the traitor if they were given 1 billion. I can’t trust anyone. The only solution I could come up with was to keep it in a trusted account while staying anonymous and safe.
Just for fun
As for why he was returning the money so slowly, the hacker replied that he needed time to negotiate with the Poly Network team. “It’s the only way I know how to prove my dignity while hiding my identity. Besides, I need a break,” the hacker said.
However, and despite having claimed that the attack was carried out for noble causes, the hacker also revealed, when asked about why he had carried out the hack, that it had been “for fun” and because “hacking between cross-chain [protocols] is all the rage“.
He also admitted that the reason he had been trading and selling some of the stolen stablecoins was because he had been upset with the Poly Network team. “The Poly team pissed me off because of their initial response insta!The hacker was told that he had been “blamed and hated by others before I had a chance to respond,” he said.
The protocol’s developers released a letter on Tuesday urging the hacker to return the funds in which they also warned him that he had committed “the largest hack in DeFi’s history” and, therefore, “any country will consider this a major economic crime and you will be prosecuted.” Additionally, cybersecurity firm Slowmist, which did an investigation into the case, claimed it had identified the hacker’s IP and email addresses.
– Poly Network (@PolyNetwork2) August 10, 2021
At least for now, the Poly Network hacker seems willing to cooperate with the team and continues to make good on his promise to return the full amount of the stolen money. He even expressed his willingness to help make the platform more secure. There is still $268 million to be returned.
Version of Hannah Estefania Perez / DiarioBitcoin
Image by Unsplash