How Hackers Stole And Returned $600 Mln In Tokens

Share post:

Hackers committed the biggest cryptocurrency heist on Tuesday, stealing more than $600 million in digital coins from the token-swapping platform Poly Network, only to return almost all of their assets less than 48 hours later, the company said.

Poly Network is a decentralized finance (DeFi) platform that conducts peer-to-peer transactions that allow users to transfer or exchange tokens across different blockchains.

Poly Network was founded by Chinese businessman Da Hongfei, who is currently head of blockchain platform Neo. It was launched in August 2020 as a collaboration between Neo, crypto-trading platform Switcheo and blockchain company Ontology.

One of the smart contracts that Poly Network uses to exchange tokens between blockchains has large amounts of liquidity to enable users to effectively exchange tokens, as crypto-messaging company CipherTrace puts it.

Poly Network said in a Tweet on Tuesday that a preliminary investigation found that the hackers exploited a security flaw in the smart contract.

After analyzing the transactions by Kelvin Fichter, an Ethereum programmer, the hackers were able to override the contract instructions for each of the three blockchains and redirect the money to three wallet addresses, digital locations for tokens. These were later tracked and published by Poly Network.

The hackers stole money in more than 12 different cryptocurrencies, including ether and a type of bitcoin.

A person claiming responsibility for the hack said they had detected a “bug,” without elaborating, and that they wanted to “expose the vulnerability” before others could exploit it.

Coindesk reported on Tuesday that the attackers first tried to transfer some assets from one of the three wallets to the liquidity pool Curve. fi, but this was rejected. About $100 million was transferred from another wallet and deposited into the liquidity pool of Ellipsis Finance.

On Wednesday, however, the attackers began transferring assets back to Poly Network in a wallet controlled by both parties, and by Thursday afternoon the attackers had returned almost all the assets, with only $33 million frozen from the Tether cryptocurrency platform.

It has not yet been possible to determine who or which group is responsible for the attack.

For more information, read the original story by Reuters.

Featured Tech Jobs

SUBSCRIBE NOW

Related articles

US supports Japans ambitions to return to leadership in chip manufacturing

Japan has embarked on a monumental $67 billion initiative to reclaim its stature as a global semiconductor titan,...

One billion dollar copyright infringement killed on appeal

The $1 billion copyright infringement verdict against Cox Communications was overturned by a federal appeals court, which ruled...

Colorado app addresses food waste and feeds “food insecure”

In Denver and Boulder, Colorado the Too Good To Go app is changing the way we tackle food...

Polar: A new way of funding open source projects

A company called Polar is introducing a new idea in open-source funding, aiming to allow open source developers...

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways