The threat actor who hacked Poly Network’s cross-chain interoperability protocol yesterday to steal over $600 million worth of cryptocurrency assets is now returning the stolen funds.
As the Chinese decentralized finance (DeFi) platform Poly Network shared two hours ago, the hacker has already returned almost $260 million worth of stolen cryptocurrency.
In total, the attacker has transferred back $256 million in Binance Smart Chain (BSC) tokens, $3.3 million in Ethereum tokens, and $1 million in USD Coin (USDC) on the Polygon network.
To send back all of the stolen funds, the hacker still has to return another $269 million on Ethereum and $84 million on Polygon.
Motives behind returning the stolen assets unknown
While the threat actor explained the motivation for the hack by embedding Q&A messages in transactions (as Elliptic Chief Scientist and Co-founder Tom Robinson discovered), the motives behind their decision to give back the stolen cryptocurrency aren’t yet known.
However, it may have been prompted by blockchain security firm SlowMist’s claims that it traced the attacker’s email address, IP address, and device fingerprint.
SlowMist also found that the assets used to fund the attack were Monero (XMR) exchanged for BNB, ETH, MATIC, and other tokens.
In a weird twist of events, Poly Network also urged the hacker to return the cryptocurrency stolen from “thousands of crypto community members” to avoid landing on law enforcement’s radar.
— Poly Network (@PolyNetwork2) August 10, 2021
The biggest cryptocurrency hack ever
Following a preliminary investigation of the attack, Poly Network said the threat actor exploited a vulnerability between contract calls which allowed them to gain possession of funds and transfer them to attacker-controlled wallets.
“This attack is mainly because the keeper of the EthCrossChainData contract can be modified by the EthCrossChainManager contract, and the verifyHeaderAndExecuteTx function of the EthCrossChainManager contract can execute the data passed in by the user through the _executeCrossChainTx function,” SlowMist further explained.
“Therefore, the attacker uses this function to pass in carefully constructed data to change the keeper of the EthCrossChainData contract.”
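The trust relationship SlowMist describes can be modelled in a few lines. The following Python sketch is an added illustration, not code from Poly Network or SlowMist: the class and method names are hypothetical stand-ins for the two contracts, and the target check in `execute_hardened` is one possible mitigation assumed here, not the fix the project shipped.

```python
# Simplified, constructed model of a privileged dispatcher that owns the
# contract holding the keeper set. All names are hypothetical stand-ins.

class CrossChainData:
    """Holds the keeper set; only the owner may replace it."""
    def __init__(self, owner, keepers):
        self.owner = owner
        self.keepers = list(keepers)

    def set_keepers(self, caller, keepers):
        if caller is not self.owner:
            raise PermissionError("only the owner may change keepers")
        self.keepers = list(keepers)


class CrossChainManager:
    """Owns the data contract and executes user-supplied cross-chain calls."""
    def __init__(self):
        self.data = None

    def adopt(self, data):
        self.data = data

    def execute_unsafe(self, target, method, args):
        # Flaw: target and method are user-chosen, yet the call is made
        # with the manager's own authority (caller = self).
        return getattr(target, method)(self, *args)

    def execute_hardened(self, target, method, args):
        # Assumed mitigation: refuse to dispatch user-chosen calls to a
        # contract the manager itself has authority over.
        if target is self.data:
            raise PermissionError("privileged target; dispatch refused")
        return getattr(target, method)(self, *args)


def demo():
    mgr = CrossChainManager()
    data = CrossChainData(mgr, ["keeper-A"])   # constructed sample keeper
    mgr.adopt(data)
    try:
        mgr.execute_hardened(data, "set_keepers", (["untrusted"],))
        blocked = False
    except PermissionError:
        blocked = True
    before = list(data.keepers)
    mgr.execute_unsafe(data, "set_keepers", (["untrusted"],))
    return blocked, before, data.keepers
```

The owner check inside `set_keepers` never fails in the unsafe path because the caller really is the owner; the defect is in what the owner is willing to forward.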
After Poly Network disclosed the attack, Binance CEO Changpeng Zhao said the company was coordinating with security partners to remediate the situation.