There is still much that is unknown about the largest decentralized finance (DeFi) security breach to date, the sophisticated attack that drained $600 million worth of cryptocurrencies from the China-based PolyNetwork, including the identity of the “hacker” (or hackers) and their underlying motivations. It was a story that riveted the industry, in part because the “Polynetwork hacker” ultimately returned all the stolen funds while communicating with the public the whole way through.
“Mr. White Hat,” as the hacker referred to themselves in one message, said they attacked the cross-blockchain platform to call attention to an unidentified vulnerability and always intended to return the funds (minus a small bug bounty). But it’s just as likely he/she/they were forced to do the right thing after several crypto exchanges and USDT stablecoin issuer moved to blacklist the funds.
Additional context: The crypto industry differentiates between a “hack,” which means breaking into a system, and an “exploit,” which leverages or makes vulnerable existing code.
The leader in news and information on cryptocurrency, digital assets and the future of money, CoinDesk is a media outlet that strives for the highest journalistic standards and abides by a strict set of editorial policies. CoinDesk is an independent operating subsidiary of Digital Currency Group, which invests in cryptocurrencies and blockchain startups.