WASHINGTON (Reuters) – On Tuesday, hackers carried out the world’s largest cryptocurrency heist, stealing over $600 million in digital coins from token-swapping platform Poly Network, only to return $342 million in tokens less than 48 hours later, according to the company.
Here’s everything we know about the heist thus far.
WHAT IS POLY NETWORK?
Poly Network is a decentralized finance (DeFi) network that allows users to transfer or sell tokens across different blockchains. In the crypto realm, it’s a lesser-known name.
A consumer may, for example, use Poly Network to transfer tokens such as bitcoin from the Ethereum blockchain to the Binance Smart Chain blockchain.
Poly Network was developed by Da Hongfei, a Chinese entrepreneur who is also the CEO of Neo, a blockchain platform.
Poly Network was created in August of last year as a collaboration between Neo, crypto trading platform Switcheo, and blockchain developer Ontology, according to Neo’s website.
HOW DID THE TOKENS GET IN THE HANDS OF HACKERS?
Poly Network makes use of the Binance Smart Chain, Ethereum, and Polygon blockchains. Tokens are traded between blockchains with the help of a smart contract that specifies when the assets should be distributed to the counterparties.
One of the smart contracts Poly Network uses to transfer tokens across blockchains, according to crypto intelligence firm CipherTrace, maintains significant volumes of liquidity to allow users to trade tokens efficiently.
According to a preliminary assessment, the hackers exploited a flaw in this smart contract, Poly Network tweeted on Tuesday.
The hackers appeared to override the contract instructions for each of the three blockchains, according to an examination of the transactions tweeted by Kelvin Fichter, an Ethereum programmer.
funds to three wallet addresses, which are digital storage facilities for tokens. Poly Network was later able to locate and publish them.
The attackers grabbed assets in more than 12 different cryptocurrencies, including ether and a type of bitcoin, according to Chainalysis, a blockchain forensics firm.
A person claiming responsibility for the attack said they detected an “issue,” without specifying what it was, and that they planned to “disclose the vulnerability” before others could exploit it, according to digital messages revealed by Chainalysis on the Ethereum network.
WHAT HAPPENED TO THE MONEY?
According to Coindesk, the hackers attempted to transfer some of the assets from one of the three wallets to the liquidity pool Curve.fi on Tuesday, but the transfer was refused. Almost $100 million was transferred from one of the wallets to the liquidity pool Ellipsis Finance, according to Coindesk.
Curve.fi and Ellipsis Finance could not immediately be reached for comment.
However, the hackers began sending assets back to Poly Network on Wednesday morning, and by Thursday morning they had returned $342 million in tokens, with $268 million still missing from the Ethereum chain, according to Poly Network. Poly Network said it was still speaking with the hackers at about 10 a.m. ET (1400 GMT) on Thursday, and that they were gradually sending back the remaining assets.
WHERE DID THE HACKER COME FROM?
SlowMist, a cryptocurrency security business, reported on its website that it had identified the attacker’s mailbox, IP address, and device fingerprints, but that no individuals had been identified. The crime was “likely to be a long-planned, orchestrated, and prepared attack,” according to SlowMist.
Some crypto specialists are unconvinced, despite the supposed hacker posing as a so-called “white hat,” an ethical hacker who had “always” planned to return the money, according to the chats disclosed by Chainalysis.