Breathe a sigh of relief at Poly Network. Almost all of the stolen cryptocurrencies worth USD 600 million were returned by the attacker. This now calls for a scavenger hunt for his identity.
The serious attack on the cross-chain protocol Poly Network sent shock waves through the entire crypto space and beyond. Even the daily News reported on the coup in which a stranger exploited a vulnerability in Poly Network to pull cryptocurrencies worth over USD 600 million from the log. Now the Poly Network team can take a deep breath: the attacker has returned almost all of the sum stolen. This was announced by the project on the evening of August 12th via Twitter.
Now around 33.4 million USDT are still waiting to return home to the Poly Network. The funds were received immediately after the hack frozen, in other words: The company Tether Labs has blacklisted the address of the white hat. Tether CTO Paolo Ardoino has meanwhile declared that the activation will only take place if it is ensured that the PolyNetwork bridges across the blockchain are secure.
Poly Network wants to reward hackers with USD 500,000 – but he waves it away
The Poly Network team has been communicating with the hacker over the Ethereum Blockchain in the past few days. Poly Network has offered the hacker that he can keep $ 500,000 in crypto assets of his choosing once the repayment is complete. Furthermore, one does not seek any criminal consequences.
We hope that you can return all tokens as soon as possible. You can reserve the equivalent of $ 500,000 in any asset to the current owner’s address. We will offset this portion of the assets to Poly Network users. Your contribution is very helpful to us. Again, we think this behavior is white hat behavior, so this $ 500,000 is considered completely legal [Bug] Bounty viewed. We will also ensure that you will not be held accountable for this incident and we will publicly express our gratitude to you.
Meanwhile, the hacker is confident that his identity is still unknown. He even offers other hackers a reward if they can find out his identity within a month.
If a hacker can find my identity within a month, I’d like to send them a personal gift. Otherwise, I will reveal another reference to my identity – or not. Do you want to play?
Hacker starts a scavenger hunt for his identity
Previously, he had already given three pointers:
1. Not a native English speaker
2. “High-Profile Hacker” …
3. … who has been dealing with the matter since he was young.
A hardworking bee from the Poly Network Community has commendably made the effort to summarize both the communication and the status quo of the remittances in a Google document. At the time of going to press, the latest notification was still missing. In it, the Poly Network Hacker praises various blockchain security companies for their efforts in clearing up the hack.
Thank you, Slow Mist Team. The other security teams don’t appear to be as active, but they did help explain details of the exploit. I think Certik were the first to publish the missing part on the Onotology appeal. Peckshield also reported on the initiating transaction and the special signatory. Congratulation!
Meanwhile, the Poly Network team warns its users not to fall for fraudulent Telegram channels pretending to be Poly Network. The official channel can be found at https://t.me/polynetworkgroup.