Hackers Behind the Poly Network Cryptocurrency Hack Return The Stolen Funds
What Went Wrong in the Biggest Cryptocurrency Theft Ever?
Last updated on August 12, 2021
Yesterday we looked into the biggest cryptocurrency hack that has ever happened. Today we look at how the attackers decided to give back the money they stole.
Yes, you heard it right! The cybercriminals behind the attack on Chinese Internet protocol Poly Network, who stole approximately $600 million worth of cryptocurrency assets, have begun to return them, as the organization shared on Twitter.
So far, the hacker has returned $256 million in Binance Smart Chain (BSC) tokens, $3.3 million in Ethereum tokens, and $1 million in USD Coin (USDC) on the Polygon network, but decided to keep the rest for negotiations with the cross-chain DeFi protocol.
To recover all of the stolen assets, Poly still needs to receive the remaining $269 million on Ethereum and $84 million on Polygon.
Why Did the Attackers Return the Money to Poly Network?
It’s not the first time the hackers have said they are willing to return the stolen assets, which has led many to believe that the attack may have been meant to show the Chinese company that it needs better protection against cybercriminals, just as a white-hat hacker would do.
A white-hat hacker (a good hacker) is a computer security expert whose job is to breach secured networks in order to test their security.
On the other hand, Tom Robinson, chief scientist at blockchain analytics firm Elliptic, thinks that giving back the stolen cryptocurrency shows that even if you can steal it, laundering and converting it might be an inconvenience “due to the transparency of the blockchain.”
Another possible reason is the announcement by blockchain security company SlowMist that it has identified the cybercriminal’s ID, email address, IP information, and device fingerprint.
The firm also stated that the hacker’s resources were initially in monero (XMR), but were swapped for BNB, ETH, MATIC, and other tokens that were used to fund the cyberattack.
This attack is mainly because the keeper of the EthCrossChainData contract can be modified by the EthCrossChainManager contract, and the verifyHeaderAndExecuteTx function of the EthCrossChainManager contract can execute the data passed in by the user through the _executeCrossChainTx function.
Therefore, the attacker uses this function to pass in carefully constructed data to modify the keeper of the EthCrossChainData contract.
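The trust relationship described above can be modelled in a few lines. The following is an added example, not code from Poly Network or from the original article: a simplified Python model in which the class and method names are hypothetical stand-ins for the contracts named above, and the receiver allowlist is one possible mitigation, assumed here for illustration.

```python
# Simplified Python model (constructed; not Poly Network's Solidity code).
class CrossChainData:
    """Stands in for EthCrossChainData: only its owner may change the keeper."""
    def __init__(self, keeper):
        self.owner = None            # set when the manager takes ownership
        self.keeper = keeper

    def set_keeper(self, caller, new_keeper):
        if caller is not self.owner:
            raise PermissionError("only the owner may change the keeper")
        self.keeper = new_keeper


class Receiver:
    """Hypothetical ordinary contract that cross-chain messages are meant for."""
    def __init__(self):
        self.balances = {}

    def unlock(self, caller, to, amount):
        self.balances[to] = self.balances.get(to, 0) + amount


class Manager:
    """Stands in for EthCrossChainManager: relays user-supplied calls as itself."""
    def __init__(self, data, allowed_targets=None):
        self.data = data
        data.owner = self            # the manager owns the data contract
        self.allowed_targets = allowed_targets   # None models the weak setup

    def execute_cross_chain_tx(self, target, method, args):
        # Hardened setup: relay only to registered receivers, which never
        # include the manager's own privileged data contract.
        if self.allowed_targets is not None and target not in self.allowed_targets:
            raise PermissionError("target is not a registered receiver")
        # The callee sees the manager, not the end user, as the caller.
        return getattr(target, method)(self, *args)


def keeper_after_untrusted_message(hardened):
    """Return the keeper after a user-supplied message targets the data contract."""
    data, receiver = CrossChainData("trusted-keeper"), Receiver()
    mgr = Manager(data, [receiver] if hardened else None)
    try:
        mgr.execute_cross_chain_tx(data, "set_keeper", ["untrusted-keeper"])
    except PermissionError:
        pass                         # rejected by the allowlist
    # A legitimate message to a registered receiver works in both setups.
    mgr.execute_cross_chain_tx(receiver, "unlock", ["alice", 5])
    return data.keeper
```

The owner check on the data contract is correct on its own; the weakness lies in the privileged manager relaying arbitrary calls, which makes it a confused deputy for whoever supplies the message.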