The hacker stole $610 million from PolyNetwork
About a week after a hacker stole $610 million from PolyNetwork in what was arguably the largest heist in the history of so-called decentralized finance, the victim offered his attacker a job.
The hacker claimed that the attack on the PolyNetwork platform — which allows users to exchange tokens across multiple blockchains — was an act of “hacking for good” to “save the project.” The attacker has since promised to return the money and has delivered about half of it so far.
PolyNetwork has responded by praising the hacker, calling it “Mr. White Hat,” a term used to describe “ethical” hackers who find vulnerabilities in computer networks and alert companies and organizations to fix them.
On Tuesday, out of gratitude or perhaps even annoyance, PolyNetwork offered Mr. White Hat a job as “chief security consultant.”
The identity of the hacker is not yet known, nor is it clear whether Mr. White Hat is a single person or group of attackers.
“To express our gratitude and encourage Mr. White Hat to continue to contribute to the advancement of security in the blockchain world with PolyNetwork, we cordially invite Mr. White Hat to become the Chief Security Adviser of PolyNetwork to be,” the company said in a statement. “Once again, it is important to reiterate that PolyNetwork has no intention of holding Mr. White Hat legally responsible as we are confident that Mr. White Hat will immediately return full control of the assets to PolyNetwork and its users. ”
Meanwhile, PolyNetwork is still struggling to recover all of its customers’ money. After the hacker returned half of the network’s assets, the hacker deposited the rest — about $235 million — into a joint account protected by two keys needed to unlock the funds. One of the keys was given to PolyNetwork and the hacker kept the other.
PolyNetwork begged Mr. White Hat to hand in his key so that the money has been accessible ever since. The hacker has yet to do this, despite the job offer and another offer that allows the hacker to keep $500,000 of the money.
The hacker’s behavior has baffled experts, who are trying to trace the money since they were initially stolen.
“There have been many DeFi hacks, but there have been no ongoing talks between the hacker and the project,” said Tom Robinson, co-founder of blockchain forensics firm Elliptic Enterprises Ltd., in an interview. “It appears that the hacker wants to maintain some control over the money. It feels to me like the hacker has a bit of an ego. He wants to hold some attention.”
Researchers from cryptocurrency research firm Chainalysis Inc. speculated that PolyNetwork’s stance may be a tactical decision aimed at getting all of their money back from Mr. Satisfy White Hat with money, awards and titles.
“Perhaps PolyNetwork involves trusting the attacker in an effort to convince them to do the right thing and pay back the money as soon as possible so they can start restarting their business,” said Gurvais Grigg, chief technology officer for the company. global public sector. from Chainalysis, in a text message.
“While it remains to be seen how this strange story will play out, I can say that this is not typical behavior of real white hat hacker(s). The good news is that the blockchain is transparent and we, along with the cryptocurrency community, have our eyes on the funds.”
DeFi apps — which allow people to borrow, borrow and trade coins without using middlemen — have recently become frequent targets of attacks as they gain popularity. According to crypto security firm CipherTrace Inc. was raised about $156 million from DeFi hacks in the first five months of this year, more than the $129 million stolen in such attacks in all of 2020.
(Except for the headline, this story has not been edited by NewsMadura staff and has been published from a syndicated feed.)