Crypto burglars have stolen more than $611 million from Poly Network, a cross-chain protocol for swapping tokens across various blockchains, in what has been described as the largest decentralized finance or (DeFi) security breach in history.
The thieves hacked Poly Network on DeFi exchanges Polygon, Ethereum and Binance Smart Chain. Assets stolen on the Polygon network include $266 million in Ethereum tokens, $253 million in tokens on Binance Smart Chain and $85 million in USDC, a digital stablecoin that is pegged to the U.S. dollar, Blockworks reported.
Poly Network announced the attack in a tweet at 8:38 a.m. on Aug. 10 and published the address where the hacker transferred the stolen the bitcoin and ethereum. It also asked crypto exchanges and miners to block any tokens coming from the published addresses. The team behind the protocol also promised legal action and asked the hacker to return stolen assets.
Hong Kong-based stablecoin Tether, which mirrors the price of the U.S. dollar, froze more than $30 million in response to the hack, Tether chief technology officer Paul Adroino tweeted.
The crypto market was not impacted by the hack
The market has not been impacted significantly as of this writing. Ethereum and bitcoin went down by less than 2 percent following the announcement but both regained lost ground and then some. Bitcoin was trading at $46,384.81 and ethereum at $3,255.65 as of this writing.
“Surprisingly, the market has not been affected much, despite $600 million being exploited, which is pretty significant.” said Michael Tant, business analyst at Inside. “I think that is telling of the market that we are in. DeFi has survived so many individual hacks and exploits that people are less scared of their assets going to zero as a result.”
Crypto markets mostly operate outside of U.S. jurisdiction and outside of regulations that seek to protect investors and consumers. The asset class is plagued by “fraud, scams and abuse,” according to Gary Gensler, chairman of the Securities and Exchange Commission.
U.S. regulator could get more aggressive
Gensler said last week that the U.S. regulator could get more aggressive in policing crypto trading, lending platforms and stablecoins using existing rules. He called on Congress to give the SEC more resources and scope to oversee the sector, Wall Street Journal reported.
“We just don’t have enough investor protection in crypto. Frankly, at this time, it’s more like the Wild West,” Gensler said in a prepared statement to the Aspen Security Forum. “We have taken and will continue to take our authorities as far as they go.”
The root cause of the hack was a cryptography issue, which is unusual, according to Igor Igamberdiev with The Block Research.
As a result of the hack, O3, a trading pool that uses Poly Network to trade tokens among different blockchains, has had to suspend its cross-chain functionality, The Block Crypto reported.
Poly Network is working with the hacker to recover the stolen assets
Blockchain security firm SlowMist sent out a news alert saying it had tracked down the attacker’s ID. It claimed to know the attacker’s email address, IP information and device fingerprint. The hacker then sent a transaction from one of the wallets containing the stolen funds back to the same wallet. It included this message: “IT WOULD HAVE BEEN A BILLION HACK IF I HAD MOVED REMAINING SHITCOINS! DID I JUST SAVE THE PROJECT? NOT SO INTERESTED IN MONEY, NOW CONSIDERING RETURNING SOME TOKENS OR JUST LEAVING THEM HERE.”
Poly Network identified three addresses that it hoped the attacker would return the funds to. The attacker subsequently started returning some of the stolen crypto assets — at least $4.7 million in tokens — to those addresses, The Block Crypto reported.
On Twitter, some people reacted to news of the hack with humor.
“Defi.. lovely idea. But now who do we complain to? Batman?” asked Andy @MistahCrypto.
Poly Network was launched by Da Hongfe, the founder of Chinese blockchain project Neo, in partnership with Ontology and Switcheo.
Image: Credit: thomaguery / istock
Listen to GHOGH with Jamarlin Martin | Episode 74: Jamarlin Martin Jamarlin returns for a new season of the GHOGH podcast to discuss Bitcoin, bubbles, and Biden. He talks about the risk factors for Bitcoin as an investment asset including origin risk, speculative market structure, regulatory, and environment. Are broader financial markets in a massive speculative bubble?