The hacker of the decentralized finance (DeFi) interoperability protocol Poly Network, which recently lost over USD 600 million, first requested a multisignature (multisig) wallet from the protocol, and then began re-transferring funds from the wallet.
According to Tom Robinson, the chief scientist and co-founder of the blockchain data tracker Elliptic, USD 258 million has already been returned, and the hacker “is also asking for donations, as a reward for doing the right thing.”
While the attacker appeared to be having a good time with messages asking whether a community vote should determine where the stolen funds should be used, the attacker wrote “READY TO RETURN THE FUND!” as a comment attached to a transaction executed by the address marked as ‘PolyNetwork Exploiter.’
It is unclear, however, whether the hacker intended to return all of the funds that were stolen.
But then things got even more complicated in this confusing soup of a situation.
After posting a letter to the hacker, Poly Network threatened them with legal action and stated that the money they took in “the biggest [hack] in the history of the Defense Department” belonged to the people.
Hours earlier, the hacker had already appeared to want to return the funds, stating in another transaction: “FAILED TO CONTACT THE POLY. I NEED A SECURED MULTISIG WALLET FROM YOU.”
Hacker: “IT’S ALREADY A LEGEND TO WIN SO MUCH FORTUNE. IT WILL BE AN ETERNAL LEGEND TO SAVE THE WORLD. I MADE THE DECISION, NO MORE DAO”
— harry.eth (@sniko_) August 11, 2021
Later today, the protocol made public the addresses to which the funds can be returned.
As previously reported, Poly Network was the victim of a massive exploit yesterday, with the attacker walking away with more than USD 600 million.
The attack was launched against the Binance Smart Chain (BSC), Ethereum (ETH), and Polygon (MATIC) blockchains.
At the time of writing, the address on Etherscan, which is labeled as “reported to be involved in a PolyNetwork exploit,” contains USD 183 million in ERC-20 tokens, according to the website.
The Polygonscan address has more than USD 85 million in it, and the BscScan address has more than USD 133 million.
It is still unclear exactly what occurred in the background of this hack.
There are even some who believe it was an inside job, though many others are skeptical.
According to Xiamen SlowMist Technology, a blockchain security specialist, “the core of this attack is that the verifyHeaderAndExecuteTx function of the EthCrossChainManager contract can execute specific cross-chain transactions through the _executeCrossChainTx function.” The name verifyHeaderAndExecuteTx stands for “verify header and execute transaction.”
The attacker changed the address associated with the keeper role, created transactions at his or her discretion, and was able to withdraw any amount of money from the contract.
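The design risk SlowMist describes can be shown with a small model. This is an added example, not Poly Network's code: the Python classes, the Vault contract, the keeper names and the target allowlist used as the hardened variant are all assumptions made for illustration.

```python
# Simplified Python model, constructed for illustration; not Poly Network's code.
class KeeperStore:
    """Holds the keeper address; only its owner (the manager) may change it."""
    def __init__(self, owner, keeper):
        self.owner, self.keeper = owner, keeper

    def set_keeper(self, caller, new_keeper):
        if caller is not self.owner:
            raise PermissionError("only the owner may change the keeper")
        self.keeper = new_keeper


class Vault:
    """Ordinary application contract that cross-chain messages are meant to reach."""
    def __init__(self):
        self.released = []

    def release(self, caller, recipient):
        self.released.append(recipient)


class Manager:
    """Stand-in for EthCrossChainManager; allowed_targets=None models no restriction."""
    def __init__(self, keeper, allowed_targets=None):
        self.store = KeeperStore(owner=self, keeper=keeper)
        self.allowed_targets = allowed_targets

    def verify_header_and_execute_tx(self, signer, target, method, arg):
        if signer != self.store.keeper:          # stand-in for header verification
            raise PermissionError("message not signed by the keeper")
        return self._execute_cross_chain_tx(target, method, arg)

    def _execute_cross_chain_tx(self, target, method, arg):
        if self.allowed_targets is not None and target not in self.allowed_targets:
            raise PermissionError("target is not an approved application contract")
        getattr(target, method)(self, arg)       # the call is made as the manager
        return True


def keeper_after_message(restrict_targets):
    """Relay one validly signed message aimed at the keeper store; return the outcome."""
    vault = Vault()
    mgr = Manager("keeper-A", allowed_targets=(vault,) if restrict_targets else None)
    try:
        mgr.verify_header_and_execute_tx("keeper-A", mgr.store, "set_keeper", "keeper-X")
    except PermissionError:
        pass                                     # hardened manager rejects the target
    # The legitimate path must still work in both configurations.
    ok = mgr.verify_header_and_execute_tx(mgr.store.keeper, vault, "release", "alice")
    return mgr.store.keeper, ok, vault.released
```

With no restriction on targets, the manager's own privilege is enough to replace the keeper; with the allowlist, the same message is rejected while ordinary application calls still go through.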
In a similar vein, researcher Kelvin Fichter asserted that the ‘EthCrossChainManager’ is a “critical flow” in the Poly Network contract that must be followed.
A cryptography engineer who goes by the moniker “El Doggo Diablo” has stated that the cryptographic space suffers from “a severe lack of software security processes.”
A number of individuals and funds in China, where the hack is said to have been widespread, are said to have been impacted by the incident.
A cryptocurrency investor known as “Boxmining” claimed to have been a victim of the scam himself, and stated that there is nothing more he can do at this time.
“The Poly Network hack shows that while cross-chain tech is certainly progressing, it appears to be two steps forward and one step back. Most beta launches are disclaimed such that sending large amounts to un-audited smart contracts is ill-advised by the protocol teams. Still, many investors can’t wait to barge through the gates in order to do a quick 10x flip,” Kay Khemani, Managing Director at Spectre.ai, a broker-less trading platform, said.
“The crypto world has two philosophical camps. The Bitcoin world moves slowly and cautiously with an emphasis on security. The other camp has embraced a “move fast and break things” approach. The most obvious examples of this are in the frequent hacks we hear about – Bitcoin DeFi has yet to experience any such hacks,” Edan Yago, Contributor to the Bitcoin-based Defi protocol Sovryn, said in an emailed comment.
According to him, the disparity is even more profound, with many projects outside of Bitcoin sacrificing decentralization and opening the door to capture by elites in the process.
‘Send me money’
Almost immediately following the attack, there appeared to be a large number of people who were sending messages and/or congratulating the hacker in the hopes of obtaining a tip from him.
Comments of this nature on Etherscan appear to have been flagged as spam.
Some, however, are still around.
Omaz Z Khan, for example, stated the following: “Dude, just go out and recruit as many cryptopunks as you can.
Spare me some eth, or even just one punk if you want 🙂
I’m going to be in debt.”
“Please airdrop some funds to us, as we have been suffering for a year as a result of COVID,” said ‘meow chia’ in response to the request.
User ‘chanlaka’ wrote a longer post in which he explained that he and his family had lost their parents and were now only left with their sick younger sister, for whom they must cover the cost of her hospitalization.
As part of a larger post, ‘SumYungGuy’ discussed, among other things, how to get away with money.
A more egalitarian approach was taken by ‘justin wong,’ who simply wrote, “bro just airdrop to all help all people!,” in response to the situation.
It appears that many people have decided to send the attacker small amounts of their ETH or other cryptocurrency in exchange for messages, apparently in the hope of receiving a much larger sum in return.
“I sent you a tiny bit of matic in the hopes that it will get your attention :/ please change my life,” wrote ‘TheBluntsLit,’ who has written a number of glowing recommendations.
The person who was reported to have received an ETH 13.37 (USD 42,930) tip appears to have had a good time as well, according to reports.
All txs are some permutation of 1337. Used 133.713371337 Gwei for Gas.
Uses MrGorbachevTearDownThatWall.txt as the message.
Yeah, hanashiro definitely some 4chan turbo degen just entertaining us. pic.twitter.com/fSBkuu1uMb
— Hsaka (@HsakaTrades) August 10, 2021