Hackers suspected of attacking Poly Network arrogantly speak out

Poly Network attack: Hackers reveal motive, will return all money

Hackers claiming to be behind the theft of virtual currency that rocked decentralized finance (DeFi) platform Poly Network have said the move was “for fun”.

The amount of Ethereum virtual currency stolen in this cyber attack is worth hundreds of millions of dollars. Photo: Reuters

More than 600 million USD worth of virtual currency was stolen by hackers in the cyber attack against Poly Network. Decentralized Finance (DeFi) is a rapidly growing space for the virtual currency industry, to reproduce traditional financial products such as loans and execute transactions without participation. of any intermediary.

Despite attracting billions of dollars in investments, the decentralized finance space is also a source of new cyberattacks and scams. For example, a token (cryptocurrency born in initial public offerings of tokens) invested by billionaire “shark” Mark Cuban recently dropped from $60 to a few dollars. thousandths of a cent in a “spike out”.

Communication Poly Network seems to connect different blockchains so they can work together. A blockchain is a blockchain of transactions maintained by a distributed, rather than centralized, network of computers.

On August 10, a hacker exploited a vulnerability in the Poly Network system to steal virtual currency. According to researchers at blockchain security firm SlowMist, the Poly Network platform lost a total of over $610 million in this attack.

Poly Network then asked the hacker to refund the amount and almost half of the stolen virtual money was returned on August 11. By the morning of August 12, the value of assets returned by hackers had reached $ 342 million.

Reuters this morning, August 13, quoted Poly Network as saying that almost all of the assets stolen from the platform have been returned. Poly Network says a so-called “white hat” hacker will return all stolen assets value 613 million USD. Earlier, Poly Network warned that it would rely on the investigation of the authorities, and also suggested that hackers come up with a solution.

Regarding the suspect, in a Q&A-type question embedded in a virtual currency transaction on August 11, a person claiming to be an anonymous hacker explained that the reason behind the Poly Network attack was to “make fun”. This person said: “When I discovered the vulnerability (systemic error), I had a mixed feeling of joy and sadness.” “Ask yourself what to do when you’re faced with too many assets. Ask project members politely so they can fix it? Anyone can be a traitor if awarded a billion!”, the subject added.

“The only solution I can think of is to put it in a trusted account, while keeping myself anonymous and safe,” the person said.

As for the reason for returning the stolen virtual currency, the suspected hacker asserted: “It was always in the plan! I’m _not_ too interested in money! I know it’s painful when people get hacked, but they do. shouldn’t we also learn something from those attacks?”

Tom Robinson, chief scientist at blockchain data analytics firm Elliptic, thinks the Q&A writer is “definitely” the hacker behind the attack on Poly Network.

“The messages are embedded in transactions sent from this hacker’s account. Only the person holding the stolen property can send them,” Mr. Robinson said.

It is still not possible to verify the messages of the suspected hacker and those of other hackers independently. Blockchain security company SlowMist says its researchers tracked the attacker’s IP and email information. However, in the Q&A, the hacker defiantly stated that he had taken care to ensure “no trace is left”.