More Than $600 Million of Cryptocurrencies Stolen in Massive Hack (UPDATE)

Poly Network said hackers found a way into its system and then stole thousands of digital tokens with an estimated value of more than $600 million.


Image via Getty/krisanapong detraphiphat


UPDATED 8/12, 10:25 a.m. ET: Poly Network’s plea worked, at least to a degree. As of early Thursday, the hacker had returned $342 million of the stolen currency, leaving $268 million still missing. Poly stated on Wednesday that $260 million had been returned.

$342 million (As of 12 Aug 08:18:29 AM +UTC) of assets had been returned:
Ethereum: $4.6M
BSC: $252M
Polygon: $85M

The remaining is $268M on Ethereum

— Poly Network (@PolyNetwork2) August 12, 2021

“A person claiming to have perpetrated the hack said they did it ‘for fun’ and wanted to ‘expose the vulnerability’ before others could exploit it, according to digital messages shared by Elliptic, crypto tracking firm, and Chainalysis,” Reuters reported. “It was ‘always the plan’ to return the tokens, the purported hacker wrote, adding: ‘I am not very interested in money.’”

In a tweeted update, the team—referring to the hacker as “Mr. White Hat”—said, “We look forward to Mr. White Hat returning all of the remaining user assets as stated by him, and we will continue to work hard to achieve this goal.”

— Poly Network (@PolyNetwork2) August 12, 2021

See original story below.

The blockchain site Poly Network said hackers found a way into its system and then stole thousands of digital tokens with an estimated value of more than $600 million, making it perhaps the biggest cryptocurrency heist ever.

Poly Network is a Defi (meaning decentralized finance) provider that lets users move tokens on one blockchain to another network.

The company posted a letter to Twitter asking the thief to “establish communication” while simultaneously urging them to give back the stolen assets voluntarily. The letter claimed that the two sides should work out a solution, while also implying law enforcement would pursue the suspect regardless of wherever they’re living:

— Poly Network (@PolyNetwork2) August 10, 2021

Poly Network says a preliminary investigation discovered that whoever’s responsible for the digital heist exploited a “vulnerability between contract calls.” According to BBC News, the Network also called upon various exchanges to disallow deposits of the coins after millions of bucks worth of the tokens were moved to different cryptocurrency wallets.

It was reported that shortly after the hack took place the crypto company Tether froze about $33 million in USDT tokens connected to the wallet address of the alleged hacker. That’s according to Tether’s chief technology officer:

. @Tether_to just froze ~33M $USDt on 0xC8a65Fadf0e0dDAf421F28FEAb69Bf6E2E589963 as part of the #PolyNetwork hack

— Paolo Ardoino 🍐 (@paoloardoino) August 10, 2021

Forbes reports that the Blockchain-based security firm SlowMist also put out a statement shortly after the breach that claimed to have the hacker’s email and IP address, and was trying to figure out additional clues that would point to the person’s identity. 

The stolen currency broke down to about $267 million worth of Ether, $252 million worth of Binance coins, and about $85 million of USDC coins. 

Binance’s chief executive, Changpeng Zhao, said that that company’s been informed of the hack. He added that Binance intends to do “as much as we can” but preceded that vow with a less assuring statement that said “[t]here are no guarantees.”

We are aware of the exploit that occurred today. While no one controls BSC (or ETH), we are coordinating with all our security partners to proactively help. There are no guarantees. We will do as much as we can. Stay #SAFU. 🙏

— CZ 🔶 Binance (@cz_binance) August 10, 2021

Latest in Life