Cryptocurrency Hacker Returns $260 Million After ‘Not Being Interested In Money’
A cryptocurrency hacker behind one of the biggest heists to date has returned $260 million due to ‘not being interested in money’.
The heist saw $600 million (£433 million) in cryptocurrency stolen, however the hacker decided to return nearly half of the money.
Poly Network, the firm from which the money was stolen, wrote a letter on Twitter on Tuesday, August 10, reaching out to the individual to ‘work out a solution’.
The hacker subsequently posted a response pledging to return the funds, due being ‘not very interested in money’.
On Wednesday, Poly Network confirmed via Twitter it had indeed received $260 million of the stolen sum back. The money was given back via three different cryptocurrencies, including $256m worth of Binance Smart Chain (BSC), $3.3m worth of Ethereum and $1m worth of Polygon.
While the hacker has returned nearly half of the original amount stolen, a total of $269m in Ethereum tokens and $84m in Polygon tokens has yet to be recovered.
According to Tom Robinson, co-founder of Elliptic, a London-based blockchain analytics and compliance firm, the hacker essentially published a self-interview, via a three-page-long Q&A session on one of the blockchains.
A blockchain is a a log of every single transaction made with a cryptocurrency, such as Bitcoin.
The log is then distributed to all the network’s users to verify all of the new transactions when they occur. This is instead of the log being held just by one single authority.
The hacker claimed on Twitter that they planned to return the tokens. They also said that the heist was actually carried out to highlight vulnerabilities in the Poly Network software.
The hacker said that they decided to carry out the heist ‘for fun’ and that ‘cross chain hacking is hot’, which is why they chose Poly Network.
They went on to say that the Poly Network has a ‘sophisticated system’ and ‘believe it or not’ they were ‘forced to play the game’.
The hacker then detailed how they went about carrying out the heist and the reasons behind it; after ‘debugging all night’ they ‘crafted a single message to the ontology network’. While they planned to launch a ‘cool blitzkrieg to take over the four network’, a ‘keeper’ prevented them from doing so and ‘ruined’ their plan.
Subsequently, they then decided to ‘let the show go on’ and not stop there, due to fears that Poly Network would ‘patch the bug secretly without any notification’. They explained how they were ‘pissed by the poly team for their initial response’ and then proceeded to take the ‘important tokens’ but ‘didn’t sell any of them’.
Robinson, an advisor for governments and law enforcement agencies about crypto-related crimes, told BBC News: ‘Either they just intended to commit theft and steal the assets, or they were acting like a white hat hacker to expose a bug, to help Poly Network make themselves more strong and secure.’
I wonder whether this hacker stole the funds, realised how much publicity and attention they were getting, realised wherever they moved the funds they would be watched, and decided to give it back.
The blockchain itself has operated here flawlessly, but the problem is on blockchains like Ethereum, you can write your own smart contracts. Various services have started offering this, including Poly Network.
So whenever a human being writes code, there’s a chance they will make a mistake.
Poly Network’s platform works by helping aid the movement between several blockchains when people trade one cryptocurrency for another. For example, BSC being traded for Ethereum.
James Chappell, co-founder of London-based cyber-security firm Digital Shadows, told BBC News how the Poly Network is ‘ultimately’ software or ‘code’ and that ‘code always has imperfections and defects in it’.
He added this is ‘true of banks, or any financial system’. Chappell said what happened here is that ‘a party has spotted a weakness in the implementation and exploited it to fool the network into transferring these tokens incorrectly’.
In the last 12 months, several other services have been subject to similar attacks. February saw Yearn Finance have $11m stolen by hackers, Alpha Finance $37m and Meerkat Finance had £32m stolen in March.
The Poly Network hacker has claimed they are planning to return all or at least most of the stolen money. They said: ‘The pain suffered is temporary, but memorable.’
One cyber-security company said that the network may even have been close to working out the identity of a suspect, which could have meant the hacker then got scared and decided to return the money.
If you have a story you want to tell, send it to UNILAD via [email protected]
Most Read StoriesMost Read