en
Back to the list

Over $600M Stolen in Poly Network Cross-Chain Hack

source-logo  beincrypto.com 10 August 2021 16:00, UTC

Poly Network announced via Twitter that it was attacked on the Binance, Ethereum, and Polygon networks. 

A massive $600 million cyberattack targeting Poly Network was carried out on Tuesday morning. The tweet from Poly Network reads, “Important Notice: We are sorry to announce that #PolyNetwork was attacked on @BinanceChain @ethereum and @0xPolygon. Assets had been transferred to the hacker’s following addresses: 

ETH: 0xC8a65Fadf0e0dDAf421F28FEAb69Bf6E2E589963

BSC: 0x0D6e286A7cfD25E0c01fEe9756765D8033B32C71.”

Poly Network is a protocol that swaps tokens across several blockchains such as Bitcoin, Ethereum, and others. The assets stolen boil down to $273 million ETH, $253 million in BSC tokens, and $85 million in USDC taken from the Polygon network. 

In a series of follow-up tweets, Poly Network stated that the hacker has deposited $USDC and $DAI to the curve and called on miners of the affected blockchain and exchanges to blacklist any tokens from the aforementioned addresses. According to a tweet from the CTO of Tether, 

Paolo Ardoino, Tether has already frozen $33 million $USDT that were part of the stolen assets, effectively locking the tokens. Meanwhile, CRO of Binance Changpeng Zhao tweeted that “we are aware of the https://poly.network exploit that occurred today. While no one controls BSC (or ETH), we are coordinating with all our security partners to proactively help. There are no guarantees. We will do as much as we can. Stay SAFU.”

Tracking down those responsible

According to SlowMist, the security team has announced they have successfully tracked down the hacker’s mailbox, IP address, and device fingerprint. The Poly Network attacker has been found via on-chain and off-chain tracking. SlowMist adds that “with the technical support of SlowMist’s partner Hoo Tiger Symbol and multiple exchanges, the SlowMist security team discovered that the hacker’s initial source of funds was Monero (XMR), and then changed to BNB, ETH, MATIC, on the exchange, withdraw coins to 3 addresses, and launch an attack on 3 chains soon.” The security group concluded that due to the flow of funds and the fingerprint information, it can be assumed this was a well-planned, organized, and time-consuming attack. 

SlowMist also says that a transaction from one of the offending wallets was sent with a message stating that “it would have been a billion hack if I had moved remaining shitcoins! Did I just save the project? Not so interested in money, now considering returning some tokens or just leaving them here,” suggesting he may just abandon the wallet in limbo.

beincrypto.com