• Skip to main content
  • Skip to secondary menu
  • Skip to primary sidebar
  • Skip to footer
  • Articles
  • News
  • Events
  • Advertize
  • Jobs
  • Courses
  • Contact
  • (0)
  • LoginRegister
    • Facebook
    • LinkedIn
    • RSS
      Articles
      News
      Events
      Job Posts
    • Twitter
Datafloq

Datafloq

Data and Technology Insights

  • Categories
    • Big Data
    • Blockchain
    • Cloud
    • Internet Of Things
    • Metaverse
    • Robotics
    • Cybersecurity
    • Startups
    • Strategy
    • Technical
  • Big Data
  • Blockchain
  • Cloud
  • Metaverse
  • Internet Of Things
  • Robotics
  • Cybersecurity
  • Startups
  • Strategy
  • Technical

Explainer-How hackers stole $613 million in crypto tokens from Poly Network

Reuters / 3 min read.
August 12, 2021
floq.to/ttiXW

By Gertrude Chavez-Dreyfuss and Michelle Price

WASHINGTON (Reuters) – Hackers pulled off the biggest ever cryptocurrency heist on Tuesday, stealing $613 million in digital coins from token-swapping platform Poly Network, only to return $260 million https://www.reuters.com/technology/defi-platform-poly-network-reports-hacking-loses-estimated-600-million-2021-08-11 worth of tokens less than 24 hours later, the company said. Here’s what we know so far about the heist.

WHAT IS POLY NETWORK?

A lesser-known name in the world of crypto, Poly Network is a decentralized finance (DeFi) platform that facilitates peer-to-peer transactions with a focus on allowing users to transfer or swap tokens across different blockchains.

For example, a customer could use Poly Network to transfer tokens such as bitcoin from the Ethereum blockchain to the Binance Smart Chain, perhaps looking to access a specific application.

It was not immediately clear from Poly Network’s website where the platform is based or who runs it. According to specialist crypto website Coindesk, Poly Network was launched by the founders of Chinese blockchain project Neo.

HOW DID HACKERS STEAL THE TOKENS?

Poly Network operates on the Binance Smart Chain, Ethereum and Polygon blockchains. Tokens are swapped between the blockchains using a smart contract which contains instructions on when to release the assets to the counterparties.

One of the smart contracts that Poly Network uses to transfer tokens between blockchains maintains large amounts of liquidity to allow users to efficiently swap tokens, according to crypto intelligence firm CipherTrace.

Poly Network tweeted on Tuesday that a preliminary investigation found the hackers exploited a vulnerability in this smart contract.

According to an analysis of the transactions tweeted by Kelvin Fichter, an Ethereum programmer, the hackers appeared to override the contract instructions for each of the three blockchains and diverted the funds to three wallet addresses, digital locations for storing tokens. These were later traced and published by Poly Network.

The attackers stole funds in more than 12 different cryptocurrencies, including ether and a type of bitcoin, according to blockchain forensics company Chainalysis.

A person claiming to have perpetrated the hack said they had spotted a “bug,” without specifying, and that they wanted to “expose the vulnerability” before others could exploit it, according to digital messages posted on the Ethereum network published by Chainalysis. Reuters could not verify the authenticity of the messages.

WHERE DID THE MONEY GO?

As of late Wednesday, the hackers had returned $260 million of the assets, Poly Network said, but $353 million was outstanding. It is unclear where the remaining assets have gone.

Coindesk reported on Tuesday that the hackers had tried to transfer assets including tether tokens from one of the three wallets into liquidity pool Curve.fi, but that transfer was rejected. About $100 million has been moved out of another of the wallets and deposited into liquidity pool Ellipsis Finance, Coindesk also reported.

Curve.fi. and Ellipsis Finance could not immediately be reached for comment.

WHO IS THE HACKER?

The hacker or hackers has not yet been identified.

Cryptocurrency security firm SlowMist said on its website that it has identified the attacker’s mailbox, internet protocol address, and device fingerprints, but the company has not yet named any individuals. SlowMist said the heist was “likely to be a long-planned, organized and prepared attack.”

Despite the purported hacker posing as a so-called “white hat”, an ethical hacker who aimed to identify the vulnerability for Poly Network and had “always” planned to give the money back, according to the messages published by Chainalysis, some crypto experts are skeptical.

Gurvais Grigg, chief technology officer at Chainalysis and former FBI veteran, said it was unlikely that white hat hackers would steal such a large sum. He said they had probably returned some of the funds because it had proved too difficult to convert them into cash.

“It’s hard to know the motivation … Let’s see the if they return the whole amount,” he added.

(Reporting by Michelle Price in Washington and Gertrude Chavez-Dreyfuss in New York; editing by Richard Pullin)

Categories: News
Tags: analysis, application, rates, security, technology

About Reuters

Primary Sidebar

E-mail Newsletter

Sign up to receive email updates daily and to hear what's going on with us!

Publish
AN Article
Submit
a press release
List
AN Event
Create
A Job Post

Jobs

  • Software Engineer | South Yorkshire, GB - February 07, 2023
  • Software Engineer with C# .net Investment House | London, GB - February 07, 2023
  • Senior Java Developer | London, GB - February 07, 2023
  • Software Engineer – Growing Digital Media Company | London, GB - February 07, 2023
  • LBG Returners – Senior Data Analyst | Chester Moor, GB - February 07, 2023
More Jobs

Tags

AI Amazon analysis analytics application Artificial Intelligence BI Big Data business China Cloud Companies company crypto customers Data design development digital engineer engineering environment experience future Google+ government Group health information learning machine learning mobile news public research security services share skills social social media software solutions strategy technology

News

  • Britain, U.S. to work together on AI safety, says Sunak
  • Mercedes-Benz beats Tesla for California’s approval of automated driving tech
  • Wingtech-owned Nexperia denied German subsidy
  • AI startup Cohere raises funds from Nvidia, valued at $2.2 billion
  • US and UK back new ‘Atlantic Declaration’ for economic cooperation
More News

Related Online Courses

  • Oracle Cloud Data Management Foundations Workshop
  • Data Science at Scale
  • Statistics with Python
More courses

Footer


Datafloq is the one-stop source for big data, blockchain and artificial intelligence. We offer information, insights and opportunities to drive innovation with emerging technologies.

  • Facebook
  • LinkedIn
  • RSS
  • Twitter

Recent

  • 5 Reasons Why Modern Data Integration Gives You a Competitive Advantage
  • 5 Most Common Database Structures for Small Businesses
  • 6 Ways to Reduce IT Costs Through Observability
  • How is Big Data Analytics Used in Business? These 5 Use Cases Share Valuable Insights
  • How Realistic Are Self-Driving Cars?

Search

Tags

AI Amazon analysis analytics application Artificial Intelligence BI Big Data business China Cloud Companies company crypto customers Data design development digital engineer engineering environment experience future Google+ government Group health information learning machine learning mobile news public research security services share skills social social media software solutions strategy technology

Copyright © 2023 Datafloq
HTML Sitemap| Privacy| Terms| Cookies

  • Facebook
  • Twitter
  • LinkedIn
  • WhatsApp

In order to optimize the website and to continuously improve Datafloq, we use cookies. For more information click here.

settings

Dear visitor,
Thank you for visiting Datafloq. If you find our content interesting, please subscribe to our weekly newsletter:

Did you know that you can publish job posts for free on Datafloq? You can start immediately and find the best candidates for free! Click here to get started.

Not Now Subscribe

Thanks for visiting Datafloq
If you enjoyed our content on emerging technologies, why not subscribe to our weekly newsletter to receive the latest news straight into your mailbox?

Subscribe

No thanks

Privacy Overview

This website uses cookies so that we can provide you with the best user experience possible. Cookie information is stored in your browser and performs functions such as recognising you when you return to our website and helping our team to understand which sections of the website you find most interesting and useful.

Necessary Cookies

Strictly Necessary Cookie should be enabled at all times so that we can save your preferences for cookie settings.

If you disable this cookie, we will not be able to save your preferences. This means that every time you visit this website you will need to enable or disable cookies again.

Marketing cookies

This website uses Google Analytics to collect anonymous information such as the number of visitors to the site, and the most popular pages.

Keeping this cookie enabled helps us to improve our website.

Please enable Strictly Necessary Cookies first so that we can save your preferences!