[ad_1]
It is estimated that over $ 600 million worth of cryptocurrency has been stolen as a result of a hack on a protocol called Poly Network. And now whoever stole it appears to be giving it back, according to CNBC and Channel analysis. According to Bloomberg, this is quite possibly one of the biggest hacks in the decentralized finance space, or DeFi.
The Poly Network is a protocol that allows people to transfer cryptocurrencies between blockchains. And due to this bridge role, stolen assets come in the form of hundreds of different token types – from Ethereum to Binance BNB to Dogecoin.
Poly Network quotes huge amount of stolen money in message to hacker, he posted on Twitter. The post begins with “Dear Hacker” and goes on to explain how the attacker is said to have trouble with law enforcement for robbing “people”.
The message may have worked. The hacker posted a series of messages (incorporating text into transactions sent to him), saying he was ready to return the stolen funds but needed a way to send them back to Poly Network. Poly Network addresses provided to send the crypto to, and the coins started to flow.
At 10 a.m. ET on Wednesday, around $ 5 million was returned, but it appears the attacker is getting rid of lower-value cryptos first. They included a message saying they were “DUMPING SHITCOINS FIRST”.
There have been several theories as to how the attack was carried out. A security team claims that, based on their initial analysis, either the attacker was able to sign transactions with a legitimate private key, or he was able to exploit a bug to get a message signed. Poly Network has rejected this analysis, claiming that the attackers exploited an interaction between two contracts. Poly Network pointed to another security firm’s research that found similar results. Channel analysis said it will release a full scan today.
It’s likely that we won’t know what really happened until further investigation is done, and we won’t know how well the hacker actually got away with it. It is possible that the crypto community will rally to the blacklist of stolen tokens, rendering them essentially worthless – it’s already done for about $ 33 million in tokens, but that wouldn’t be that easy for the rest of them. According to The block, the frozen holdings were USDT coins, which are controlled by a company called Tether. However, many of the other stolen coins are decentralized, which means that no entity can decide what can or cannot happen with them, and there is no promise as to what the community will decide to do. .
There is also the question of why the attacker started to return the funds. Yesterday they posted a message that said, in part, “not so much interested in the money, now considering returning tokens or just leaving them here.” Since then, they’ve posted a post saying giving the money back (or saving the world, as they say) would make it “an eternal legend.” But another message they posted, asking for donations from those who support their decision to return the funds, questions the “not so interested in the money.” Maybe they’re just giving the funds back for fear they won’t be able to use them, or they’ve had enough of the hundreds of people begging for a Robin Hood-style redistribution.
[ad_2]
Source link