Poly Network confirms all hacked funds returned
Poly Network, the DeFi protocol which lost $610 million in a major heist earlier this month, confirmed on Tuesday that the hacker or hackers returned all stolen assets.
The hacker, who Poly Network took to calling him “Mr. White Hat,” finished the restoration of user funds after starting the process nearly three weeks ago. But over $200 million was locked in a blockchain wallet that required passwords from both Poly Network and the hacker.
For some time, the hacker refused to hand over his private keys, saying he would only provide passwords once “everyone is ready.” At that point, Poly Network offered the hacker a $500,000 reward for helping it identify vulnerability in its network, and offered him to take on the role of its “chief security advisor.”
Poly Network confirmed it regained control of the $610 million, excluding the $33 million USDT that was frozen by the stablecoin issuers.
“Poly Network has successfully retrieved the remaining 28,953 ETH and 1,032 WBTC (about $141 million). At this point, all the user assets that were transferred out during the incident have been fully recovered. Once again, we would like to thank Mr. White Hat for keeping his promise, as well as the community, partners and the multiple security agencies for their assistance,” Poly Network said in an update.
The attack took place on across the binance, polygon and ethereum blockchains. It also involved various tokens, including shiba inu, wrapped ether, wrapped bitcoin, uniswap and a series of stablecoins.
The unidentified person claimed to have always planned to return the cryptocurrencies he grabbed and said the attack was carried out to highlight security flaws in Poly Network software.
Researchers at security company SlowMist said the attacker exploited some functions within Poly Network’s cross-chain interoperability protocol to pass in carefully constructed data and modify “the keeper of the EthCrossChainData contract.”
“Keep calm and this is the happy ending! I have to admit that my wild or mad behaviors have led to crises to your project, your team and even your lives. Sorry for the inconvenience! It must be one of the most wild adventures in our lives,” the anonymous hacker said in a message embedded in a crypto transaction.
“My actions, which may be considered weird, are my efforts to contribute to the security of the Poly project in my personal style. The consensus was reached in a painful and obscure way, but it works. Some people even suspect that the whole story is a PR stunt,” he added.
Poly Network is an interoperability protocol that allows for cross-chain sharing of assets and information. It allows applications and tokens on specific networks to connect with and transfer across to other participating blockchains, including Bitcoin, Ethereum, Neo, Ontology, Elrond, Zilliqa, Binance Smart Chain, Switcheo, Huobi ECO Chain and OKExChain.