+

Cookies on the Business Insider India website

Business Insider India has updated its Privacy and Cookie policy. We use cookies to ensure that we give you the better experience on our website. If you continue without changing your settings, we\'ll assume that you are happy to receive all cookies on the Business Insider India website. However, you can change your cookie setting at any time by clicking on our Cookie Policy at any time. You can also see our Privacy Policy.

Close
HomeQuizzoneWhatsappShare Flash Reads
 

The hacker behind the biggest heist in crypto is now refusing to return the remaining funds

Aug 19, 2021, 15:03 IST
Representative imagePixabay
  • The Poly Network hacker, ‘Mr White Hat’, has refused to cooperate and return the stolen coins; wants $33 million worth of stablecoins to be unfrozen.
  • To make things comfortable for the attacker, the Poly Network team has offered a $500,000 bounty for discovering the exploit.
  • Getting back the stolen funds is of utmost priority as pressure from thousands of victims continues to mount.
Advertisement
The Poly Network hack happened two weeks ago, but the saga is far from over. The anonymous hacker — dubbed ‘Mr White Hat’ by the Poly Network team — managed to steal $614 million in digital coins. After returning a portion of the funds, they are now refusing to cooperate and are stalling the Poly Network team.

The hack is considered the largest crypto heist to date, and there seems to be little the Poly Network team can do except request the hacker to return the stolen coins peacefully.

The attacker — or attackers — are communicating with the Poly Network team via the transaction data field within the Ethereum blockchain. According to blockchain-tracking portal Etherscan, the mysterious hacker is operating as "Poly Network Exploiter 1".

Your essays are very convincing while your actions are showing your distrust, what a funny game. You don’t [sic] even think to unlock my USDT account.

Poly Network Exploiter 1 wrote on the Ethereum blockchain

The USDT account the attacker is referring to has $33 million in stablecoins. Tether has frozen the funds, and that is irking the perpetrator the most.

The communication from the hacker indicates that he has no qualms in holding onto the stolen coins for an indefinite period. Soon, the Poly Network team got back to him with a message saying, "We still hope you can provide the key to us this week because thousands of users are waiting to get their assets back.
Advertisement


I am not ready to publish the key in this week [sic]… Here is one thing that you can always trust me: [sic] Holding BTC and ETH is better than trading them.

Poly Network Exploiter 1 wrote on the Ethereum blockchain

The Poly Network hack took place on August 10, and the hacker returned $256 million worth of coins the next day. The hacker created a token called ‘The hacker is ready to surrender’ and sent it to the designated Polygon address as a show of cooperation.

The Poly Network hacker has been offered $500,000 as a bounty


To make things comfortable for the attacker, the Poly Network team has offered a $500,000 bounty for discovering the exploit. It is prepared to send 160 ETH — equivalent to $500,000 — to the attacker's address, a gesture the hacker has rejected. The attacker has also been given an option to become an advisor for the decentralised finance or (DeFi) project.

Money means little to me, some people are paid to hack, I would rather pay for the fun. If the Poly don’t give the imaginary bounty, as everyone expects, I have well enough budget to let the show go on.

Poly Network Exploiter 1 wrote on the Ethereum blockchain

Poly Network refers to the hacker as ‘Mr White Hat’ — a reference to ethical hackers who search for vulnerabilities and help organisations fix them. It's not clear why the hacker is withholding access to the final tranche of assets.

Poly Network controls around $330 million of the stolen assets, while stablecoin operator Tether has frozen $33 million of them pending a legal process. According to Chainalysis, hackers find it extremely difficult to get rid of their heist or encash it because the blockchain is transparent, putting every transaction detail out in the open.
Advertisement

"With the inherent transparency of blockchains and the eyes of an entire industry on you, how could any cryptocurrency hacker expect to escape with a large cache of stolen funds?" the company wrote in its report. "In most cases, the best they could hope for would be to evade capture as the funds sit frozen in a blacklisted private wallet."

It's impossible to know the hacker's intention — whether his actions were an ethical attack or an actual heist. However, the underlying motive doesn't seem to be of consequence for the Poly Network team right now.

I trust some of their code, I would praise the overall design of the project, but I never trust the whole poly team.

Poly Network Exploiter 1 wrote on the Ethereum blockchain

Getting back the stolen funds is of utmost priority as pressure from thousands of victims continues to mount. The attack is also a wake-up call for governments and regulators to take cryptocurrency regulation seriously. Currently, in a grey area, there's close to zero accountability, posing a considerable risk for the future of DeFi.

“Regardless of their intentions, we’re of the belief that this sort of publicity stunt hurts the perception of the virtual asset economy in the eyes of the public,” said AnChain.AI founder and CEO Victor Fang.

Advertisement
DeFi-related frauds are on the rise, and according to CipherTrace, the first seven months of the year accounted for 54% of total crypto fraud volume versus 3% for all of last year.

For a more in-depth discussion, come on over to Business Insider Cryptosphere — a forum where users can deep dive into all things crypto, engage in interesting discussions and stay ahead of the curve.

SEE ALSO:
Dogecoin Foundation’s new advisory board includes Ethereum co-founder Buterin and Elon Musk’s representative Birchall
India’s crypto bill will still have a few hurdles to clear before becoming a law, even if the Cabinet approves
You are subscribed to notifications!
Looks like you've blocked notifications!
Next Article