Hackers behind one of the biggest ever digital coin heists have now returned nearly all of the US$610 million-plus they stole, Poly Network, the cryptocurrency platform targeted earlier this week by the attack, said on Thursday.
The platform, which was little known before Tuesday’s heist, declared the hacker a “white hat” on Twitter (https://twitter.com/PolyNetwork2/status/1425733950614360064) upon the return of the funds, referring to ethical hackers who generally aim to expose cyber vulnerabilities.
Poly Network, which facilitates peer-to-peer token transactions, added that the tokens were transferred to a multi-signature wallet controlled by both the platform and the hacker.
The only remaining tokens yet to be returned are the US$33 million in tether stablecoins frozen earlier in the week by cryptocurrency firm Tether, Poly Network said.
“The repayment process has not yet been completed. To ensure the safe recovery of user asset, we hope to maintain communication with Mr. White Hat and convey accurate information to the public,” said Poly Network on Twitter.
A person claiming to have perpetrated the hack said Poly Network offered him a US$500,000 bounty to return the stolen assets and promised that he would not be accountable for the incident, according to digital messages shared on Twitter by Tom Robinson, chief scientist and co-founder of Elliptic, a crypto tracking firm.
Poly Network, which allows users to transfer or swap tokens across different blockchains, said on Tuesday it had been hit by the cyberheist, urging the culprits to return the stolen funds.
The as-yet unidentified hacker or hackers appear to have exploited a vulnerability in the digital contracts Poly Network uses to move assets between different blockchains, according to blockchain forensics company Chainalysis.
On Wednesday, the hackers started returning the stolen coins, leading some blockchain analysts to speculate that they might have found it too difficult to launder stolen cryptocurrency on such a scale.
Later on Wednesday, the hackers said in digital messages also shared by Elliptic that they had perpetrated the attack “for fun” and wanted to “expose the vulnerability” before others could exploit it and that it was “always” the plan to return the tokens.
At US$600 million, however, the Poly Network theft far outstripped the record US$474 million in criminal losses that were registered by the entire decentralized finance (DeFi) sector from January to July, according to crypto intelligence company CipherTrace.
The theft illustrates the risks of the mostly unregulated DeFi sector, said crypto experts. DeFi platforms allow users to conduct transactions, usually in cryptocurrency, without traditional gatekeepers such as banks or exchanges.
(Reporting by Gertrude Chavez-Dreyfuss in New York and Tom Wilson in London; Editing by Chizu Nomiyama, Michelle Price and Marguerita Choy)