Poly Network hacker returns $342 million of stolen assets

Hacker states that they are “not very interested in money”

Darkened image of a hacker wearing a hoodie using computing equipment

The hacker behind what is considered to be the biggest cryptocurrency heist in history has now returned $342 million (£247 million) worth of stolen assets.

This is according to Poly Network, a blockchain platform that fell victim to the virtual robbery on Tuesday, having lost $610 million (£440 million) worth of Ether, Binance, and USDC tokens.

The company made the announcement on its Twitter page, that as of 8pm UTC (9pm BST) on Thursday, it had been reunited with $256 million worth of BSC, $4.6 million Ethereum, and $85 million Polygon – more than half of the total stolen assets.

“The remaining is $268M on Ethereum,” Poly Networks stated.

The hacker behind the heist started returning the stolen cryptocurrency tokens on Wednesday afternoon following an open letter published by the company, urging the hackers to “establish communication”. It also asked miners of affected blockchain and crypto exchanges to "blacklist tokens” associated with the hacker’s wallet.

Meanwhile, the hacker decided to explain their reasoning behind the heist by publishing a three-page Q&A which was found embedded in the Ethereum transactions sent to Poly Networks by the hacker.

In the Q&A, which was shared by Elliptic chief scientist & co-founder Tom Robinson, the hacker stated that they hack “for fun” and that they are “not very interested in money”. They added that the stolen assets would be returned in due time in order to preserve their identity:

Related Resource

IT Pro 20/20: Does cyber security's public image need a makeover?

Issue 18 of IT Pro 20/20 looks at recent efforts to retire the 'hacker' stereotype, and how the threat landscape has changed over the past 20 years

IT Pro 20/20 Issue 18: Does cyber security's public image need a makeover?DOWNLOAD NOW

“I understood the risk of exposing myself even if I don’t do evil,” they said, before adding that they “prefer to stay in the dark and save the world”.

They also alluded to the fact that they might be a white hat hacker, saying that they chose to steal the assets in order to make the public aware of the bug found in Poly Network’s system and prevent the platform from patching it “secretly without any notification”.

However, according to London-based blockchain analytics and compliance company Elliptic, the hacker is unlikely to escape the consequences of their actions:

“Whatever the motivation for the hack, these events have demonstrated how difficult it is [to] profit from theft or any other illicit activity using cryptoassets. The transparency of the blockchains allowed crowd-sourced, real-time collaboration between protocol developers, stablecoin issuers, blockchain analytics companies and the wider community, to ensure the hacker would not be able to disappear with the stolen assets,” its analysis stated.

“Despite the return of the funds, the hacker might well still find themselves being pursued by the authorities. Their activities have left numerous digital breadcrumbs on the blockchain for law enforcement to follow, aided by blockchain analytics tools.”

Featured Resources

How virtual desktop infrastructure enables digital transformation

Challenges and benefits of VDI

Free download

The Okta digital trust index

Exploring the human edge of trust

Free download

Optimising workload placement in your hybrid cloud

Deliver increased IT agility with the cloud

Free Download

Modernise endpoint protection and leave your legacy challenges behind

The risk of keeping your legacy endpoint security tools

Download now

Recommended

Russia's "politically motivated" REvil raid could be used as leverage, experts warn
ransomware

Russia's "politically motivated" REvil raid could be used as leverage, experts warn

17 Jan 2022
Meta files lawsuit to uncover hackers targeting Facebook, WhatsApp
phishing

Meta files lawsuit to uncover hackers targeting Facebook, WhatsApp

21 Dec 2021
Five things to consider before choosing an MFA solution
Security

Five things to consider before choosing an MFA solution

17 Dec 2021
Australia and US sign CLOUD Act data-sharing deal to support criminal investigations
cyber crime

Australia and US sign CLOUD Act data-sharing deal to support criminal investigations

16 Dec 2021

Most Popular

How to boot Windows 11 in Safe Mode
Microsoft Windows

How to boot Windows 11 in Safe Mode

6 Jan 2022
Sony pulls out of MWC 2022
Business operations

Sony pulls out of MWC 2022

14 Jan 2022
Dell XPS 15 (2021) review: The best just got better
Laptops

Dell XPS 15 (2021) review: The best just got better

14 Jan 2022