The last few days were a rollercoaster ride for the Poly Network as they saw one of their largest hacks take place. Luckily, it only took just over a day to see all funds restored and returned by someone who cannot be identified at this time on record in an attempt to cover up his tracks from law enforcement or any other trail that could lead him straight into jail.
Reports by Chainalysis indicate that the threat actor began sending $260.97 million worth of digital currency back to three Poly Network addresses. But as it stands now (as of press time), they have only managed to return around 1% of what was stolen ($611 million).
We learned that POLYGON-Peg USDC, Binance-Peg BTCB, BNB, and RenBTC have been given back while other currencies are still missing.
The attacker is still hiding in their network. The attacker’s tweet from June 18th specified that around $269 million worth of Ethereum and $84 million worth of polygon were stolen during this attack.
They also noted: “The attacker communicated with Poly Network via Ether transaction note during this process.” This means that the hacker was tampering with transactions to send messages back-and-forth while trying not to get caught!
Back to the question of the day…
How Fortunate Can We Get – Will The Attacker Return The Rest of The Funds?
Well, there are no solid indications that the attacker will keep returning the funds. Still, one of their addresses is now empty and another holds some USDC- although none in BTC or ETH – which may be an indication they were being used to buy coins on margin before liquidating them into cash.
As reported by top financial agencies, many blockchain investigation companies have already begun to investigate the breach of protocol security. The exact way that hackers are breaching it is unknown but there’s no need for fear as experts say they’ll find out soon enough.
Blockchains’ cybersecurity has always been something we’ve taken for granted but that is quickly changing with more attacks happening every day – according to too many blockchain investigation agencies who want access to this information to determine what went wrong or if it can happen again!
The hackers might have been able to get their hands on Poly’s private keys or there was a bug in the signing process that led them to be successful.
According to BlockSec, a Chinese blockchain security firm, it is possible that someone got hold of Poly’s private key and used this information for the attack. It could also be because they had found some kind of vulnerability during the signature process which allowed them access into smart contracts without any type of credentials required from users themselves.
Cryptocurrency is on fire these days with an estimated market cap exceeding half a trillion dollars at present value but recent cybersecurity breaches have caused many people around the world to question just how safe cryptocurrencies are from external attacks? The latest hacking incident resulted in quite panic among investors.
The hacker’s initial source of funds was Monero (XMR), which they quickly exchanged to BNB, ETH, and MATIC on the exchanges. On-site security staff found that SlowMist has indeed been hacked by this criminal organization.
The company detailed: “With technical support from our partner Hoo & multiple exchanges, we’ve found that the attacker used a variety of methods including XMR for sale to buy BTC using an exchange API key then convert it into other cryptocurrencies such as BNB/ETH//MATIC.”