Poly Network, a cross-chain protocol, was hacked for $611 million in the largest DeFi hack to date.
Poly Network said in a tweet today that it regretted to inform users that #PolyNetwork has been attacked on @BinanceChain, @ethereum and @0xPolygon, adding, “We call on miners of affected blockchains and crypto exchanges to blacklist tokens originating from the above addresses.”
Poly Network is a system for transferring tokens between blockchains such as Bitcoin, Ethereum, and Ontology. It was created as a result of a collaboration between the teams behind many blockchain platforms, including Neo, Ontology, and Switcheo.
According to Igor Igamberdiev of The Block Research, the main cause of the breach was a cryptography flaw, which is unusual. It could have been comparable to the Anyswap incident, in which a hacker reversed the private key and stole $7.9 million.
The hack has had far-reaching consequences. As a result, O3, a trading pool that leverages Poly Network to exchange tokens across multiple blockchains, has been forced to halt cross-chain trading.
Tracking the money
$273 million in Ethereum tokens, $253 million in Binance Smart Chain tokens, and $85 million in USDC on the Polygon network were among the stolen assets.
Since the theft, Tether has blacklisted the USDT on Ethereum that was stolen in the hack, totaling around $33 million in tokens. This means the tokens can no longer be moved. (USDT is a centralized stablecoin that, like other stablecoins such as USDC, can be frozen at will by the company that created it.)
Following the blacklisting, a crypto user sent a transaction to one of the addresses holding the stolen funds, advising the hacker not to use USDT because of the blacklisting. In exchange for the information, the hacker sent the user 13.37 ETH ($42,000).
Changpeng Zhao, the CEO of cryptocurrency exchange Binance, tweeted after the attack, “We’re aware of the [poly.network] security flaw that was discovered today. While no one has control over BSC (or ETH), we are working with all of our security partners to provide proactive assistance. There are no assurances in this world. We’ll do everything we can.”
Identifying the assailant
SlowMist, a blockchain security startup, has issued a news alert claiming to have identified the attacker. It claims to have their email address, IP address, and device fingerprint information. The attacker’s initial assets were in monero (XMR), which was traded for BNB, ETH, MATIC, and other tokens used to fund the attack, according to the firm.
According to SlowMist, this information was gathered through its Chinese crypto exchange partner Hoo, as well as other exchanges. Other cryptocurrency users allege the funds used in the attack came from the Hoo exchange.
“We told [Poly Network/O3] that we have some information on the hacker, if they need it, we will provide it to them,” SlowMist CTO “Blue” told The Block. He also expressed his desire for a “happy finish” to the drama.
Further investigation has revealed that some of the hacker’s wallets have a lot of DeFi activity, and that the wallets have interacted with centralized exchanges such as FTX, Binance, and OKEx, where the hacker may have been subjected to KYC procedures.
The hacker then sent a transaction from one of the wallets containing the stolen funds back to the same wallet. “IT WOULD HAVE BEEN A BILLION HACK IF I HAD MOVED THE REMAINING SHITCOINS!” the message reads. “I JUST SAVED THE PROJECT, RIGHT? NOW THAT I’M NOT SO INTERESTED IN MONEY, I’M WONDERING IF I SHOULD RETURN SOME TOKENS OR JUST LEAVE THEM HERE.”