Hackers return $260 million to crypto platform Poly Network after massive theft

1
Picture illustration of person posing with laptop in front of projection with word 'cyber' and binary code in Zenica

A person wearing a balaclava is silhouetted as he poses with a laptop in front of a screen projected with the word ‘cyber’ and binary code, in this picture illustration taken in Zenica Oct. 29, 2014. (File photo from REUTERS)

LONDON/SINGAPORE/HONG KONG — The hacker or hackers behind one of the biggest ever cryptocurrency heists have returned over a third of around $600 million in stolen digital coins, a blockchain researcher said on Wednesday.

Poly Network, a decentralized finance platform that facilitates peer-to-peer transactions, announced the hack on Twitter, posting details of digital wallets to which the tokens were sent.

The value of the coins in the wallets was just over $600 million at the time of the announcement, according to blockchain analysts.

Poly Network later urged the hackers to return the stolen funds to several of its digital addresses, saying it planned to take legal action.

By late afternoon around $258 million in stolen tokens had been returned, according to public blockchain records and crypto tracking firm Elliptic.

Tom Robinson, Ellipic’s co-founder, said the extraordinary move could have been prompted by the headaches of laundering stolen crypto on such a scale.

Poly Network did not respond to requests for further details about the heist or the return of the funds. It was not immediately clear where the platform is based, or whether any law enforcement agency was investigating the heist.

The size of the theft was comparable with the $530 million in digital coins stolen from Tokyo-based exchange Coincheck in 2018. The Mt. Gox exchange, also based in Tokyo, collapsed in 2014 after losing half a billion dollars in bitcoin.

The latest attack comes as losses from theft, hacks and fraud related to decentralized finance (DeFi) hit an all-time high, raising the risk of both investing in the sector and of regulators looking to shake it down.

DeFi platforms allow financial transactions, usually in cryptocurrency, without traditional gatekeepers such as banks or exchanges. The sector has boomed over the last year, with platforms now handling more than $80 billion worth of digital coins.

Poly Network allows users to swap tokens across different blockchains.

Stolen crypto

The retrieval of some of the tokens underscores the difficulty of laundering large amounts of stolen crypto.

“There’s so much public attention on this, and exchanges will be on the lookout for customer deposits linked to this theft,” Elliptic’s Robinson said.

“This demonstrates that even if you can steal cryptoassets, laundering them and cashing out is extremely difficult, due to the transparency of the blockchain and the broad use of blockchain analytics by financial institutions.”

The hacker or hackers sent a message with some of the returned coins appearing to ask for donations, Robinson added.

The stolen funds amount to more than the criminal losses registered by the entire DeFi sector from January to July of a record $474 million, according to a report from crypto intelligence company CipherTrace.

Proponents of DeFi say it offers people and businesses free access to financial services, arguing that the technology will cut costs and boost economic activity.

Yet it is mostly unregulated, with technical flaws and weaknesses in the code many platforms use, leaving it vulnerable to hacks and heists.

An executive from Tether — a stablecoin or type of cryptocurrency usually backed by real-world world assets — said on Twitter the company had frozen $33 million connected with the hack, and top management at large crypto exchanges responded to Poly Network saying they would also try to help.

ATM

Read more...