How Hackers Diverted $613 Cryptocurrency Fund
The world has just witnessed the biggest cryptocurrency theft in history.
A group of faceless hackers just shocked the entire world when they reportedly stole a whooping sum of $613 million in digital coins from token-swapping platform Poly Network.
The incident occurred on Tuesday 10th August 2021.
According to the reports, the hackers after diverting the funds, returned $260 million worth of tokens less than 24 hours later, the company said.
Read Also: Challenges and problems associated with fame
It was gathered that the attackers were able to return the $260 million after Poly Network appeal to them on Twitter, asking the individual to get in touch “to work out a solution”.
The hacker then posted messages pledging to return funds, claiming to be “not very interested in money”.
On Wednesday, Poly Network said it had received $260m back.
The hacker claimed to have always planned to return the tokens and said the heist was carried out to highlight vulnerabilities in Poly Network software.
“I know it hurts when people are attacked, but shouldn’t they learn something from those hacks?” the hacker wrote in the notes embedded on the Ethereum blockchain.
The technology underpining all crypto-currencies is blockchain – a distributed log of every single transaction made of a digital currency, that is sent to all users on the network
The hacker claimed to have spent all night looking for a vulnerability to exploit. They said they were worried that Poly Network would patch the security flaw quietly without telling anyone, so they decided to take millions of dollars in cryptocurrency tokens to make a point.
But they stressed that they did not want to cause a “real panic [in] the crypto-world”, so they only took “important coins”, leaving behind Dogecoin, the cryptocurrency that started off as a joke.
WHAT WE KNOW ABOUT POLY NETWORK.
A lesser-known name in the world of crypto, Poly Network is a decentralized finance (DeFi) platform that facilitates peer-to-peer transactions with a focus on allowing users to transfer or swap tokens across different blockchains.
For example, a customer could use Poly Network to transfer tokens such as bitcoin from the Ethereum blockchain to the Binance Smart Chain, perhaps looking to access a specific application.
It was not immediately clear from Poly Network’s website where the platform is based or who runs it. According to specialist crypto website Coindesk, Poly Network was launched by the founders of Chinese blockchain project Neo.
Read Also: 6 reasons why you should always put on your seat belt.
HOW DID THE HACKERS MANAGED TO ACHIEVE THAT FEAT?
Poly Network operates on the Binance Smart Chain, Ethereum and Polygon blockchains. Tokens are swapped between the blockchains using a smart contract which contains instructions on when to release the assets to the counterparties.
One of the smart contracts that Poly Network uses to transfer tokens between blockchains maintains large amounts of liquidity to allow users to efficiently swap tokens, according to crypto intelligence firm CipherTrace.
CLICK TO FOLLOW NEWSBLENDA ON TWITTER
Poly Network tweeted on Tuesday that a preliminary investigation found the hackers exploited a vulnerability in this smart contract.
According to an analysis of the transactions tweeted by Kelvin Fichter, an Ethereum programmer, the hackers appeared to override the contract instructions for each of the three blockchains and diverted the funds to three wallet addresses, digital locations for storing tokens. These were later traced and published by Poly Network.
The attackers stole funds in more than 12 different cryptocurrencies, including ether and a type of bitcoin, according to blockchain forensics company Chainalysis.
A person claiming to have perpetrated the hack said they had spotted a “bug,” without specifying, and that they wanted to “expose the vulnerability” before others could exploit it, according to digital messages posted on the Ethereum network published by Chainalysis. Reuters could not verify the authenticity of the messages.
