- Hackers breach Poly Network security and bag over $600 million
- After lengthy negotiations, the hacker returned most of the funds
- Was it a white hat hack, or a crime?
- Why did Poly Network offer the culprit compensation?
YEREVAN (CoinChapter.com) – Poly Network interoperability platform lost over $600 million in various cryptocurrencies on August 10 due to the largest crypto heist in DeFi history. Dubbed “Mr. White Hat” by the network, the hacker returned most of the funds after lengthy negotiations.
In detail, the hacker swiped over $268 million in Ethereum tokens, combined with well over $300 million worth of other cryptocurrencies. They also took an additional $85 million in USDC on the Polygon network.
On Thursday, Poly Network confirmed that most of the funds returned safely. The recovered sum includes $268m worth of Ethereum tokens and $342m in three other tokens.
Tom Robinson, the co-founder of Elliptic, a London-based blockchain analytics firm, told the BBC that a portion of the stolen funds remains in the hacker’s hands.
“The hacker still holds $33.4m of stolen Tether [tokens] – because it has been frozen by Tether themselves,”commented the analyst.
Mr. Robinson also tweeted the extensive negotiations with the hacker, starting from the very first response.
Negotiations with Mr. White Hat
In hindsight, the network tried to contact the culprit right after the heist, sending out a tweet and hoping to establish contact with the hacker.
In several public tweets, the Poly Network referred to the hacker as Mr. White Hat, which is not a coincidence. “White hat” is a common name for ethical security researchers. They breach an organization’s security system to discover possible flaws, then confront the company in question, offering details of the hack.
The response didn’t keep Poly waiting. Instead, according to the hacker’s claim, they committed the crime “for fun” and slapped the Poly Network to increase their security measures.
Poly Network allegedly offered the hacker compensation for returning the stolen funds.
“Since we believe that your action is white hat behaviour, we plan to offer you a $500,000 [reward] “was the exact message from the Network, according to Mr. White Hat.
White hat or not?
While Poly’s motives behind calling the hacker White Hat are clear, not all experts agree with the premise. For example, Katie Paxton-Fear, a white hat hacker herself and a lecturer at Manchester Metropolitan University found the comparison quite inaccurate.
She commented that the hacking process for the benefit of security is fundamentally different from the Poly heist. The lecturer added that the essential rule is to “no harm.” Unfortunately, the crypto hacker didn’t follow that rule, putting users’ assets at risk.
Moreover, the Poly Network’s offer of compensation also sparked controversy. Ms. Paxton-Fear called Poly’s move “paying off.” However, Charlie Steele, a former FBI and Department of Justice official was concerned about the illegality of Poly’s actions.
“Private companies have no authority to promise immunity from criminal prosecution,”he commented, citing the $500,000 offer.
As the most notorious DiFi hack details continue to unfold, more information on the case emerges. However, the person behind the hack is still anonymous, and the Poly Network’s actions evoke further discontent. The culprit returned most of the stolen funds but still holds on to a partially frozen portion by the Tether blockchain.