The largest-ever cryptocurrency theft has been fully reversed. PolyNetwork, the platform that lost an estimated $611 Million worth of Binance Smart Chain (BSC), Ethereum, and USD Coin tokens, has confirmed that it received all of the stolen digital currency.
Cryptocurrency platform, Poly Network, announced that it had received back all the cryptocurrency tokens that hackers had successfully transferred to their own crypto-wallets. Several security experts are lauding the joint efforts of competing cryptocurrency service providers.
The biggest-ever cryptocurrency theft sees sudden reversal:
PolyNetwork is a popular cryptocurrency platform that multiple blockchain providers, namely, Neo, Ontology, and Switcheo created. The intention behind the multi-platform collaboration was to facilitate the easy exchange of crypto tokens across different crypto platforms, including Bitcoin and Ethereum.
The cost of Poly Network exploitation has been the largest compared to the others up until now. pic.twitter.com/cshaHaXwXA
— Coin98 Analytics (@Coin98Analytics) August 10, 2021
Earlier this month, PolyNetwork confirmed it was a victim of cybercrime of gargantuan proportions. Cybercriminals had successfully compromised the platform’s defenses, infiltrated the cryptocurrency holding vault, and transferred a large number of cryptocurrency tokens to their own crypto-wallets.
Shortly after confirming the theft, PolyNetwork wrote an open letter to the cyber thieves, pleading with them to returns the “funds of the crypto community members”.
— Poly Network (@PolyNetwork2) August 10, 2021
It appears the hacker, codenamed Mr. White Hat had been in contact with PolyNetwork. He or she was reportedly trying to negotiate the surrender of stolen digital tokens.
Dear "Hacker",
Thank You! We are ready for a new journey.
Poly Network Teamhttps://t.co/djwsVJRXrN
— Poly Network (@PolyNetwork2) August 23, 2021
After a brief exchange over social media and cryptocurrency exchanging platforms, Mr. White Hat began returning the stolen funds. This week, PolyNetwork confirmed it had received the final installment of the stolen cryptocurrencies:
“At this point, all the user assets that were transferred out during the incident have been fully recovered. We are in the process of returning full asset control to users as swiftly as possible.”
Why did Mr. White Hat return $611 Million worth of cryptocurrency tokens?
It is important to note that the thief successfully exploited a vulnerability in PolyNetwork’s code. He was able to transfer the stolen funds to his own accounts.
The hacker who hacked Poly Network provided the key to the wallet and returned the remaining $ 141 million.
The hacker described the incident as "one of the wildest adventures in life", leaving the signature "Your main security advisor" in the comments to the transaction. pic.twitter.com/eaXh9nuiPT
— Anton Chashchin (@antont71) August 23, 2021
Simply put, Mr. White Hat had access to the majority of stolen cryptocurrency assets. Only about $200 Million worth of digital tokens from the estimated $611 Million stolen, lay trapped in an account that required passwords from both Poly Network and the hacker.
Overall, PolyNetwork received 28,953 Ethereum and 1,032 Wrapped Bitcoin amounting to $141 Million this week. With all the funds back, PolyNetwork has indicated that will focus on restoring the platform to full functionality.
There will be a network upgrade on 30 Aug 2021 from UTC 0330 to 1000
The upgrade includes all features to enable the bridge. However, there is still a dependency for PolyNet to be fully operational to go live and they've made good progress. Follow their progress at @PolyNetwork2 pic.twitter.com/LjYVdYK7Tf
— Zilliqa (@zilliqa) August 23, 2021
As for the security loophole that Mr. White Hat exploited, PolyNetowrk has fixed it permanently. The network has even reportedly awarded $500,000 as “Bounty” to Mr. White Hat for discovering the security flaw.
Although the platform is now secure, it is not clear how many current members, as well as potential subscribers, will trust PolyNetwork with their assets.
Poly Network says they will now send $500k to the hacker – and pleads with them to release the remaining $235 million of stolen assets:#polynetworkhack pic.twitter.com/x3pvuzVE8r
— Tom Robinson (@tomrobin) August 18, 2021
The entire episode and the amount of money involved were quite a big shock to the cryptocurrency community. However, the theft quickly brought competing platforms together.
The majority of platforms dealing with cryptocurrencies confirmed they would not accept the stolen funds, and vowed to blacklist the digital tokens and wallets. Some industry experts claim such unity and solidarity might have played a big role in ensuring the digital assets found their way back home.