- The attacker behind the $600 million hack on Poly Network returned $258 million worth of crypto to the cross-chain protocol.
- The hacker started returning funds merely a day after blockchain security firm SlowMist claimed to have obtained the attacker's identity information.
- By embedding messages in transactions with their own address, the hacker started communicating with the world.
Poly Network expects to recover stolen funds after writing a letter asking the hacker to return the funds. Currently, less than 1% of the funds have been recovered.
The largest DeFi hack in history may end in recovery of stolen funds
On August 10, a hacker drained the cross-chain protocol Poly Network of hundreds of millions of dollars. Over $600 million in several cryptocurrencies, including Ethereum, Binance Smart Chain tokens, and stablecoins, was stolen.
The heist included $273 million in Ethereum tokens, $253 million in tokens on Binance Smart Chain, and $85 million in USD Coin (USDC). In the aftermath of the attack, Poly Network reached out to exchanges and miners through its Twitter account and asked them to blacklist the stolen funds.
Tether was the swiftest to blacklist stolen USDT worth $33 million. Binance, OKEx and other exchanges extended support to Poly Network in the hours following the hack. Among exchanges and protocols coming out in support of the cross-chain protocol, SlowMist stood out since the blockchain security firm claimed to have the hacker's identity (ID) information.
2) The SlowMist security team has grasped the attacker's mailbox, IP, and device fingerprints through on-chain and off-chain tracking, and is tracking possible identity clues related to the Poly Network attacker. — SlowMist (@SlowMist_Team) August 10, 2021
SlowMist's initial investigation revealed that the hacker used Hoo, a less popular Chinese cryptocurrency exchange, to gather funds for the attack. From Hoo, the blockchain security firm was able to obtain details of their digital footprint.
Poly Network then reached out to the hacker through an open letter on Twitter, describing the magnitude of the hack and asking them to establish communication and work together to return the stolen funds.
The team behind the Poly Network prepared a multi-sig address controlled by a known Poly address and identified three addresses where the attacker could return funds.
Several hours later, the hacker sent the first transaction returning some funds by creating a token called "The hacker is ready to surrender" and sending it to the designated Polygon address. Seven minutes later, the hacker's Polygon address returned $10,000 in the stablecoin USDC to a wallet set up by Poly Network at 8:46 UTC.
Another transaction followed 15 minutes later, and $1 million was deposited in Poly Network's address.
$1 million in USDC recovered from the DeFi hack
Another $1.1 million was returned in Bitcoin Brand (BTCB) on the Binance Smart Chain at 9:49 UTC.
$1.1 million in BTCB recovered on the Binance Smart Chain
So far, we have received a total value of $4,772,297.675 assets returned by the hacker.
ETH address: $2,654,946.051
BSC address: $1,107,870.815
Polygon address: $1,009,480.809
— Poly Network (@PolyNetwork2) August 11, 2021
The process of recovering the hacked crypto assets has started. However, it will be a long one, given that the attacker has returned less than 1% of the funds.