PolyNetwork Hack A Timeline
The reason for writing this article is to collect this once-in-a-lifetime textbook case of white-hat hacking in my memoirs before it gets lost in the digital deluge.
For the uninitiated -
10th August 2021 — Poly Network tweeted this -
Important Notice: We are sorry to announce that #PolyNetwork was attacked on
@BinanceChain @ethereum and @0xPolygon Assets had been transferred to hacker's following addresses: ETH: 0xC8a65Fadf0e0dDAf421F28FEAb69Bf6E2E589963 BSC: 0x0D6e286A7cfD25E0c01fEe9756765D8033B32C71
What followed was a series of tweets explaining the extent of loss and the addresses orchestrating the hack. The money lost was in tunes of $611 Million
This Ethereum Address had the biggest hack money ever! Only through these images you can sense the gravity of the situation!
This hack was monumental and had the power to push back DeFi and Crypto as a whole with USA (Crypto) Infrastructure Bill on the cusp of senate vote. Any untoward incident would have caused havoc. Let’s face it what USA does , rest of the world follows.
PolyNetwork tried reaching out to the hacker with a spirited emotional appeal :
Now here comes the Best Part. This guy is an ethical hacker and he only did all this to “save” the PolyNetwork from the exploits both internal/foreign. Mr WhiteHat released a series of Q&A to bring a ladder to the chaos. All the following conversation is taking place through Notes on Ethereum transaction
@tomrobin wrote
For those that are asking — these messages were embedded in ethereum transactions sent from the account controlled by the hacker
1) TL;DR — Mr. Whitehat doesn’t trust anyone with such large sums of money hence taking the temporary custody for fun. The ‘security expert’ wants to remain anonymous
2) TL;DR — HECO chain is technically superior >> ETH/BSC/Polygon; He doesn’t like that they painted him a villain without even contacting him
Tweet from the team
3) Grabbing popcorn and watching the fun
TL;DR — Why Returning? It was always the plan. Mr WhiteHat is talking with team to prove his dignity
Progress being made. Money Flowing back in.
4) A Thief (read Man) With A Code
TL;DR — He doesn’t need money. He likes to do it for adrenaline rush and bone-chilling experience it brings along with it. Talk about coding prowess!
5) A long explanation
TL;DR — His identity is well protected, he made it sure. Gave subtle clues about his identity — not a native English speaker. Challenging the community to find him. Its all a game for him.
PolyNetwork Team offered him cash reward as bug bounty of $500K
@tomrobin writes
The Poly Network hacker is now saying that they were offered a $500k bounty to return the stolen assets — but that they will not be claiming it. (They have now returned pretty much all of the stolen assets — except the ~$33m in USDT frozen by tether)
All’s Well That Ends Well
The best part about this whole thing was how all the biggies of Industry swiftly came forward and supported the action — Binance’s CZ, Huobi’s Du Jun, OKex, Tether, O3 Labs and so on
Crypto is a wonderful space! This is a classical textbook case.
Dying Embers? Gloating continues
✔️Best Indian Cryptocurrency Exchange : PocketBits[Code = BU99-C047]
No Shit Coins |Fastest Customer Care| No INR Banking Issues | Passive Income Staking
✔️Best Global Cryptocurrency Exchange : Binance [Code = 10288382]
All Major Coins| Passive Income |Simple App | Learning Resources
✔️Best Upcoming Global Crypto Exchange : KuCoin [Code = 21u3d]
Freebies| High Potential Small Caps | Pool Staking | High Liquidity
✔️Best DeFi Passive Income Platform : Celsius Network[Code = 197823bd97]
No Min. Deposit| Great UX | Realistic Interest | Fixed Supply CEL rewards
✔️Nexo Finance — For DeFi Growth
Highest Interest | No need to download App | Swap Available | No Spam Mailers • (Tip : Transfer coins from Binance via XLM & then swap into USDT. You will save $7 worth of USDT)️
✔️Get PAID for just reading and/or writing articles — Publish0x
Publish0x High Quality Articles | Crypto Payments | $AMPL | $iFarm
✔️ Second Best Global Exchange Huobi [ Invite Code = bzra2223 ]
Highest Rewards | Binance’s Alternative | Everyone Gets Rewards | Twitter Campaigns | Regulatory Compliant ( Tip : Don’t Keep All Your Eggs in One B̶I̶N̶A̶N̶C̶E̶ BASKET)