Just-In: PolyNetwork Hackers Start Returning $610 Million Stolen Funds

Update: Hackers have returned $133 million worth of funds out of $610 million as per the latest update.

 

PolyNetwork became the victim of the largest defi hack in crypto history estimated to be worth $610 million. The stolen funds were sent to three wallet addresses one on the Ethereum network containing over $260 million, BSC address with $250 million, and Polygon address with $85 million. The total fund distribution was as follows,

  • BSC assets: 6613 BNB, 87,603,671 USDC, 26,629 ETH, 1,023 BTCB, 32,107,854 BUSD
  • Polygon assets: 85,089,719 USDC
  • Ethereum assets: 96,389,444 USDC, 1,032 WBTC, 673,227 DAI, 43,023 UNI, 14 renBTC, 33,431,197 USDT, 26,109 WETH, 616,082 FEI

The hackers behind the theft had agreed to return the funds earlier today and have demanded a multisig wallet after failing to contact PolyNetwork.

Hacker: \”READY TO RETURN THE FUND!\”

0x7b6009ea08c868d7c5c336bf1bc30c33b87a0eedd59dac8c26e6a8551b20b68a pic.twitter.com/noSLpNwYaX

— harry.eth (@sniko_) August 11, 2021

Related article
Solana, Cardano Price Analysis Today: October 26, 2021

 

The hacker said,

“FAILED TO CONTACT THE POLY. I NEED A SECURED MULTISIG WALLET FROM YOU. IT’S ALREADY A LEGEND TO WIN SO MUCH FORTUNE. IT WILL BE AN ETERNAL LEGEND TO SAVE THE WORLD. I MADE THE DECISION, NO MORE DAO.”

The hackers have started to return the funds starting with the Polygon Network and have already transferred nearly a million dollars worth of USDC.

Source: PolygonScan

How Hacker Managed to Steal Significant Chunk From PolyNetwork?

The hacker has boasted that the stolen funds would have been in billion had they decided to transfer “Shitcoins” as well. The main reason for the hack was overriding “Bookkeepers,” someone who is responsible for authenticating fund transfers on the PolyNetwork. Poly being a cross-chain platform requires a cross-chain signature to approve transactions.

There are two theories, one that the hack was inside job or someone leaked the cross-chain signature to the hacker. The second theory suggests that the hacker managed to exploit a loophole to override the bookkeeper’s signature and became the sole authenticator, thus transferring such high amounts of assets.

The hackers tried to launder the money on Curve protocol, but the initial few transactions were declined because of Tether freezing USDT funds,  but the hacker managed to send $76 million in USDC to Curve and another $120 million in stablecoins on Ellipsis Finance.

The hack only exposed the growing vulnerabilities in the Defi ecosystem as the number of attacks on Defi has continued despite maturity in the market.

Related Posts

Leave a Reply

Your email address will not be published. Required fields are marked *

Bitcoin Casino
bitcoin casino india
bitcoin gambling
keonhacai hôm nay
kèonhàcái
link dang ky k8
link vào k8
Bitcoin Gambling
Bitcoin Casino India
Btc Gambling
Bitcoin Lottery
Bitcoin Gambling news
Bitcoin Sportsbook
Bitcoin Poker Reddit
keonhacai hôm nay
tructiepbongda
trang cá cược bóng đá
kèo nhà cái
link vào k8