Crypto hackers return large parts of the loot

The hackers who stole more than $600 million in cryptocurrencies on Tuesday are gradually returning the loot. It is said to have been a demonstration of a security hole.

In any case, it was the biggest theft in the still young history of decentralized finance (DeFi). More than $600 million worth of crypto assets disappeared from the Ethereum, Binance, and Polygon blockchains. The target of the apparently well-prepared attack was the US company Poly Network, which specializes in the cross-chain transfer of cryptocurrencies.

Poly Network holds a gun to the attacker’s head

Immediately after the successful hack, the affected company contacted the hacker(s) via Twitter with an open letter:

“Dear hackers, we would like to get in touch with you and urgently ask you to return the hacked assets. Law enforcement agencies in each country will consider this a serious economic crime. You are being followed. It is therefore very unwise to carry out further transactions.” The warning is followed by a request: “You should speak to us to work out a solution.”

Return transfers start small and then grow larger and larger

Only a few hours later, Poly Network recorded a small return transfer with “Ready to return the fund” in its note field. In the night of Thursday, the company then received increasingly large return transfers, with individual amounts reaching up to nine digits. The hacker(s) commented on the first transfer with the note “The hacker is ready to surrender”.

Again and again, Poly Network received return transfers carrying different messages. One said, for example, that “it could have been a billion-dollar robbery if the remaining shitcoins had also been stolen”, but that the sender is “not so interested in money”.

Subsequently, the hacker(s), although a single perpetrator seems likely, prefaced further transfers with a veritable FAQ on the #Polynetworkhack. This was published via Twitter by Elliptic founder Tom Robinson, who specializes in crypto security.

Hacker wants to present himself as a benefactor

It is of course completely unclear to what extent the statements in the FAQ, i.e. a list of questions and their associated answers, are truthful. If we assume that they tell the actual story behind the hack, then it would not have been an attack aimed at stealing cryptocurrencies, but a particularly sensational way of pointing out existing security gaps in Poly Network's cross-chain solution.

According to his own statements, the hacker was initially tempted to simply point out the deficiency to Poly Network. But, according to the perpetrator(s), there was reason to fear that the company would then fix the error quietly and in secret. The intention, however, was precisely to make the potential risks in the decentralized financial world obvious, so that an awareness arises that makes such deficiencies less likely in the future.

This is the attacker’s version. It is also possible that fear has simply taken over and that an attempt is now being made to save what can still be saved by invoking a kind of whistleblower status.

Chinese security firm has seized potential leads on suspects

As the Chinese cybersecurity company SlowMist claimed on Medium, it already has a suspect in mind. The attacker’s email address, IP address and device-specific data are all said to have been secured. SlowMist assumes a long-planned and professionally executed attack. The hacker rejects that. He “just wanted to save the world” and was more or less forced to do so.
