News

Attackers stole $600 million from the Chinese DeFi platform Poly Network

It looks like a new record has been set in the field of cryptocurrency robberies. On August 10, 2021, unknown hackers stole over $600 million worth of cryptocurrency from the Poly Network decentralized financing platform.

The attackers transferred funds from the platform to cryptocurrency addresses under their control. The following wallets of the criminals have already been identified:
  • BinanceSmartChain: 0x0D6e286A7cfD25E0c01fEe9756765D8033B32C71
  • Ethereum: 0xC8a65Fadf0e0dDAf421F28FEAb69Bf6E2E589963
  • Polygon: 0x5dc3603C9D42Ff184153a8a9094a73d461663214

The distribution of stolen assets is as follows:

The Poly Network administration explains that the hackers exploited the vulnerability, which is the _executeCrossChainTx function between calls to the contract.

Attackers used this feature to transmit carefully crafted data to alter the custodian of the EthCrossChainData contract.the company explained to The Record.

That is, the attack allowed hackers to declare themselves the owners of any funds processed by the platform.

The Poly Network reported the incident and reached out to the crypto community for help, asking other platforms and exchanges to track the hackers and freeze their assets. In response, representatives from Huobi, Tether, OKEx and Binance said that they managed to freeze some of the stolen assets, but this is only a small part of what was stolen.

SlowMist specialists prepared a detailed analysis of the incident. Experts claim that they were able to trace the attacker’s ID and identify his email address, IP address and fingerprinting the device.

Meanwhile, the Poly Network itself posted an open letter on Twitter asking the attackers to return funds to avoid escalating the incident. And while there have been cases in the past where hackers have returned stolen funds to cryptocurrency platforms (mostly in an effort to avoid prosecution), most users only laughed at the naivety of Poly Network.

Dear hacker, we are the Poly Network team. We would like to contact you and urge you to return the hacked assets. The amount you stole is the largest in DeFi history. Law enforcement agencies in any country will consider this a serious economic crime, and you will be prosecuted. It is very unwise to make any further transactions. The funds you stole belong to tens of thousands of members of the crypto community, which means people. You should talk to us to find a solution.reads the open letter.

Meanwhile, Bleeping Computer found transactions sent to attackers with money laundering advice and requests for free cryptocurrency. It looks like these tips are coming from other hackers.

Journalists note that in response to the advice not to transfer blocked USDT, the attacker sent the user 13.37 Ethereum tokens (“leet“) in the amount of $41,474.

Let me remind you that we also talked about the CryptoCore hacker group that have stolen $200 million linked to North Korea.

User Review
0 (0 votes)
Comments Rating 0 (0 reviews)
Daniel Zimmermann

Daniel Zimmermann has been writing on security and malware subjects for many years and has been working in the security industry for over 10 years. Daniel was educated at the Saarland University in Saarbrücken, Germany and currently lives in New York.

Recent Posts

Remove Kurlibat.xyz pop-up ads (Virus Removal Guide)

Kurlibat.xyz is a site that tries to trick you into clik to its browser notifications…

1 day ago

Remove Initiateintenselyrenewedthe-file.top pop-up ads (Virus Removal Guide)

Initiateintenselyrenewedthe-file.top is a domain that tries to trick you into clik to its browser notifications…

1 day ago

Remove Wotigorn.xyz pop-up ads (Virus Removal Guide)

Wotigorn.xyz is a site that tries to force you into subscribing to its browser notifications…

1 day ago

Remove Initiateintenselyprogressivethe-file.top pop-up ads (Virus Removal Guide)

Initiateintenselyprogressivethe-file.top is a domain that tries to force you into clik to its browser notifications…

1 day ago

Remove Nuesobatoxylors.co.in pop-up ads (Virus Removal Guide)

Nuesobatoxylors.co.in is a domain that tries to trick you into subscribing to its browser notifications…

1 day ago

Remove Helistym.xyz pop-up ads (Virus Removal Guide)

Helistym.xyz is a site that tries to force you into clik to its browser notifications…

1 day ago