$ 600 million stolen from Chinese DeFi platform Poly Network

$ 600 million stolen from Chinese DeFi platform Poly Network

It looks like a new record has been set in the field of cryptocurrency heists. On August 10, 20201, unknown hackers stole over $ 600 million worth of cryptocurrency from the Poly Network decentralized financing platform.

The attackers transferred funds from the platform to cryptocurrency addresses under their control. The following wallets of the criminals have already been identified:

The distribution of stolen assets is as follows:

The Poly Network administration explains that the hackers exploited the vulnerability, which is the _executeCrossChainTx function between calls to the contract.

“Attackers used this feature to transmit carefully constructed data to change the custodian of the EthCrossChainData contract,” the company explained to reporters.The attack allowed hackers to declare themselves the owners of any funds processed by the platform.

The Poly Network reported the incident and reached out to the crypto community for help, asking other platforms and exchanges to track the hackers and freeze their assets. In response, representatives Huobi, Tether, OKEx and Binance reported that they managed to freeze some of the stolen assets, but this is only a small part of what was stolen.

A detailed analysis of the attack is already prepared specialists of the SlowMist company. Experts claim that they were able to trace the attacker’s ID and identify his email address, IP address and fingerprinting the device.

Meanwhile, the Poly Network itself posted an open letter on Twitter asking the attackers to return funds to avoid escalating the incident. And while there have been cases in the past where hackers have returned stolen funds to cryptocurrency platforms (mostly in an effort to avoid prosecution), most users only laughed at the naivety of Poly Network.

“Dear hacker, we are the Poly Network team. We would like to contact you and urge you to return the hacked assets. The amount you stole is the largest in DeFi history. Law enforcement agencies in any country will consider this a serious economic crime, and you will be prosecuted. It is very unwise to make any further transactions. The funds stolen by you belong to tens of thousands of members of the crypto community, and therefore to people. You should talk to us to find a solution, ”reads the open letter.

Meanwhile, edition Bleeping Computer detected transactions sent to attackers with tips on money laundering and requests for free cryptocurrency. It looks like these tips come from other hackers.

$ 600 million stolen from Chinese DeFi platform Poly Network

Journalists note that in response to the advice not to transfer blocked USDT, the attacker sent user 13.37 Ethereum tokens (“leet») In the amount of 41,474 US dollars.

Related Posts