CRIMINAL CRYPTO CAPITALI$M
$600 million gone: The biggest crypto theft in historyA vulnerability in Poly Network allowed the thief to make off with the funds, the platform said Tuesday, begging the attacker to return the money.
By Brian Fung, CNN Business
Wed August 11, 2021
Washington (CNN Business)Hackers have stolen some $600 million in cryptocurrency from the decentralized finance platform Poly Network, in what it says is the largest theft in the industry's history.
A vulnerability in Poly Network allowed the thief to make off with the funds, the platform said Tuesday, begging the attacker to return the money.
"The amount of money you hacked is the biggest one in the defi history," Poly Network wrote in a letter to the attacker it posted to Twitter. "The money you stole are from tens of thousands of crypto community members... you should talk to us to work out a solution."
Poly Network urged other members of the cryptocurrency ecosystem to "blacklist" the assets coming from addresses used by the attacker to siphon away the funds — which included a mix of various coins including $33 million of Tether, according to Tether's CTO. The cryptocurrency exchange Binance said it was "coordinating with all our security partners to actively help." Poly Network links together the blockchains of multiple virtual currencies to create interoperability among them.
Following the hack, Poly Network established several addresses to which it said the attacker could return the money. And it appears the hacker is cooperating: As of 7:47 a.m. ET Wednesday, Poly Network said, it had received about $4.7 million back. It was not immediately clear who was behind the hack or why the money is being returned.
Regulators have increased their scrutiny of crypto platforms as investors pour billions of dollars into digital currencies. Senator Elizabeth Warren recently asked SEC Chair Gary Gensler to investigate the SEC's ability to oversee trading on crypto platforms.
In response, last week, Gensler said: "Right now, I believe investors using these platforms are not adequately protected."
Hackers return portion of record crypto heist haul
Agence France-PresseAugust 11, 2021
Hacker over a screen with binary code. (Shutterstock)
A firm specializing in transferring cryptocurrency said Wednesday that hackers have sent back a portion of the digital loot from a record haul.
Poly Network fired off a tweet saying it had received about $4.8 million worth of the stolen assets back, hoping for more from the online heist potentially valued at more than $600 million.
Poly Network had put out a plea for the stolen Ethereum, BinanceChain and OxPolygon tokens to be shunned by traders running "wallets" for storing cryptocurrency.
"The amount of money you hacked is the biggest one in the defi history," Poly Network said Tuesday in a tweeted message to the thieves, using a reference to decentralized finance involving cryptocurrency.
"The money you stole are from tens of thousands of crypto community members."
The return of some of the digital loot came as cyber "white hat" security experts scrutinize the theft and track the thieves.
Blockchain system defense firm SlowMist valued the Poly Network heist at more than $610 million and put out word it is on the hacker's trail.
"The SlowMist security team has grasped the attacker's mailbox, IP, and device fingerprints through on-chain and off-chain tracking, and is tracking possible identity clues related to the Poly Network attacker," the company said in a blog post.
Poly Network threatened police involvement, but also offered the hackers the chance to "work out a solution."
The US Department of Justice and FBI did not respond to requests for comment.
"We are sorry to announce that #PolyNetwork was attacked" and assets transferred to hacker-controlled accounts, the company said in a series of tweets.
Poly Network posted online addresses used by the hackers, and called on "miners of affected blockchain and crypto exchanges to blacklist tokens" coming from them.
Poly Network did not reply to an AFP request for comment, but Twitter users echoed calculations valuing the hackers' haul at some $600 million.
As of the end of April, cryptocurrency thefts, hacks and fraud so far this year totaled $432 million, according to an analysis by CipherTrace.
"While this number may appear to be small when compared to previous years, a deeper look reveals an alarming new trend -- DeFi-related hacks now make up more than 60 percent of the total hack and theft volume," CipherTrace said in a posted report.
That compares to 2019, when defi hacks were virtually non-existent, according to CipherTrace.
No comments:
Post a Comment