The recent cryptocurrency theft from Poly Network, in which hackers exploited a vulnerability to transfer $610 million, has taken a surprising turn: the hacker has returned nearly half of the stolen funds, amounting to $260 million, to the victim organization.
Poly Network, a company specializing in interoperability between different blockchains, fell victim to the attack earlier this week when hackers managed to change the address of the “keeper role” of a blockchain contract, allowing them to withdraw funds at will. Following the incident, Poly Network took to Twitter to urge the attackers to return the money, warning them of the legal consequences of their actions.
The hacker behind the attack then posted a three-page ‘Q&A’ on Twitter, claiming that their intention was always to return the funds and emphasizing that they were not motivated by money. The hacker stated that their actions were meant to highlight vulnerabilities in the system and educate others about the risks involved in the cryptocurrency space.
Poly Network has confirmed that $260 million in assets have been returned, including $3.3 million worth of Ethereum, $256 million worth of Binance Coin, and $1 million worth of Polygon. However, a significant portion of the stolen funds, totaling $269 million in Ethereum and $84 million in Polygon, remains unrecovered.
Security experts have weighed in on the incident, with Arseny Reutov from Positive Technologies highlighting the challenges of withdrawing large sums of money in cryptocurrency and the potential use of blacklisting to prevent further movement of the stolen funds. BitK, a technical ambassador at YesWeHack, emphasized the importance of bug bounty programs as a preventive measure to identify and address vulnerabilities before they are exploited by malicious actors.
This incident serves as a stark reminder of the risks associated with the cryptocurrency industry and the importance of robust security measures to protect against attacks. As businesses navigate the evolving landscape of digital assets, collaborating with ethical hackers through bug bounty programs can help mitigate the risks of cyber threats and safeguard against potential vulnerabilities.