Poly Network Hack Not Over as Attacker Prolongs Return of Funds

The attacker now says they are considering accepting the $500,000 bounty offered by Poly Network as a reward for returning the funds, and using it to pay anyone else who can hack the DeFi site.

Aug 16, 2021 at 7:31 p.m. UTC
Updated Sep 14, 2021 at 1:40 p.m. UTC

The Poly Network cyberattack saga has dragged into its second week with the hacker or hackers yet to provide the key for the multi-signature wallet needed to complete the full return of the roughly $600 million that was stolen, with the exception of the $33 million worth of the stablecoin USDT that was frozen by Tether.

  • China-based Poly Network had previously offered $500,000 to the attacker or attackers as a reward for returning the money taken on the Binance Smart Chain (BSC), Ethereum and Polygon platforms in what is likely the largest-ever hack of a decentralized finance (DeFi) site. 
  • The hack or hackers acknowledged receiving the offer and initially said they had declined it, but had instead begun (and eventually completed) returning the stolen funds to a multi-signature wallet set up by Poly Network. The hacker or hackers haven’t turned over the final key for the wallet, though.
  • In a message posted to the Ethereum blockchain at 1:45 p.m. UTC on Monday, the attacker, who the Poly Network is calling “Mr. White Hat” but who some others doubt is a true white hat hacker, said that they were considering taking the bounty and using it to reward anyone else who can hack the cross-chain platform. A “white hat” attacker is one who tries to exploit vulnerabilities in a protocol to help expose and ultimately fix bugs or loopholes in the underlying code.
  • ”MONEY MEANS LITTLE TO ME, SOME PEOPLE ARE PAID TO HACK, I WOULD RATHER PAY FOR THE FUN,” the attacker or attackers wrote. “IF THE POLY DON’T GIVE THE IMAGINARY BOUNTY, AS EVERYBODY EXPECTS, I HAVE WELL ENOUGH BUDGET TO LET THE SHOW GO ON.”
  • ”I TRUST SOME OF THEIR CODE, I WOULD PRAISE THE OVERALL DESIGN OF THE PROJECT, BUT I NEVER TRUST THE WHOLE POLY TEAM,” the attacker added.
  • ”I WILL PROVIDE THE FINAL KEY WHEN _EVERYONE_ IS READY. MY IDEA IS NOT CHANGED, BUT I DO WORRY IT MIGHT BE AN ENDLESS WAR. SO I MIGHT RELEASE IT EARLIER AS LONG IF THE COMMUNITY UNDERSTANDS EVERYTHING.”
  • In an email to the media on Tuesday at 10:25 a.m. UCT, Poly Network said that it has  completed the second phase of its “Mainnet Upgrade” in response to the attack, and has maintained daily contact with the attacker to update him or her on their progress. “We have made constant efforts to establish an understanding with Mr. White Hat and genuinely hope that Mr. White Hat will transfer the private keys as soon as possible so that we can return full asset control back to the users at the earliest.”
  • Poly Network also said it is counting on “experts” like the attacker to help improve the security of its network, and with that in mind, was inviting him or her to become Poly Network’s Chief Security Advisor. 
  • Poly Network reiterated that it has no intention of holding the attacker legally responsible, and that its offer to reward Mr. White Hat with a $500,000 bug bounty still stood, despite the attacker considering using the funds to reward others who are able to hack the Poly Network. “We fully respect Mr. White Hat's thoughts, and to express our gratitude, we will still transfer this $500,000 bounty to a wallet address approved by Mr. White Hat for him to use it at his own discretion for the cause of cybersecurity and supporting more projects and individuals,” the Poly Network said. “Whatever Mr. White Hat chooses to do with the bounty in the end, we have no objections.
  • Poly Network also joined Immunefi in offering a separate bug bounty of $100,000 for finding critical vulnerabilities in its network, with a total bounty pool of $500,000 for security researchers and white hats who submit valid bugs.

UPDATE (August 17, 12:46 UTC): Updated with information about Poly Network's latest response to the attack in bullet points seven, eight, nine and ten.

The Festival for the Decentralized World
Thursday - Sunday, June 9-12, 2022
Austin, Texas
Save a Seat Now

DISCLOSURE

Please note that our privacy policy, terms of use, cookies, and do not sell my personal information has been updated.

The leader in news and information on cryptocurrency, digital assets and the future of money, CoinDesk is a media outlet that strives for the highest journalistic standards and abides by a strict set of editorial policies. CoinDesk is an independent operating subsidiary of Digital Currency Group, which invests in cryptocurrencies and blockchain startups. As part of their compensation, certain CoinDesk employees, including editorial employees, may receive exposure to DCG equity in the form of stock appreciation rights, which vest over a multi-year period. CoinDesk journalists are not allowed to purchase stock outright in DCG.

Trending

1
Musk Sets New Condition for Twitter, Citi Says Terra’s Fallout Unlikely to Hit Wider Financial System

The most valuable crypto stories for Tuesday, May 17, 2022.

The most valuable crypto stories for Tuesday, May 17, 2022.

2
Market Wrap: Cryptos and Stocks Mixed Amid Bearish Sentiment

BTC is stabilizing around $30K while stock market volatility begins to fade.

BTC is stabilizing around $30K while stock market volatility begins to fade.

3
New Data Shows Underground Bitcoin Mining Thriving in China

The U.S. has also expanded its lead in the global hashrate competition.

The U.S. has also expanded its lead in the global hashrate competition.

4
Bitcoin sube a $30K, con una resistencia en $35K

BTC está en camino de registrar una señal de impulso positivo en el gráfico diario.

BTC está en camino de registrar una señal de impulso positivo en el gráfico diario.