Poly Network hacker returns $342 million of stolen assets

Darkened image of a hacker wearing a hoodie using computing equipment
(Image credit: Shutterstock)

The hacker behind what is considered to be the biggest cryptocurrency heist in history has now returned $342 million (£247 million) worth of stolen assets.

This is according to Poly Network, a blockchain platform that fell victim to the virtual robbery on Tuesday, having lost $610 million (£440 million) worth of Ether, Binance, and USDC tokens.

The company made the announcement on its Twitter page, that as of 8pm UTC (9pm BST) on Thursday, it had been reunited with $256 million worth of BSC, $4.6 million Ethereum, and $85 million Polygon – more than half of the total stolen assets.

“The remaining is $268M on Ethereum,” Poly Networks stated.

The hacker behind the heist started returning the stolen cryptocurrency tokens on Wednesday afternoon following an open letter published by the company, urging the hackers to “establish communication”. It also asked miners of affected blockchain and crypto exchanges to "blacklist tokens” associated with the hacker’s wallet.

Meanwhile, the hacker decided to explain their reasoning behind the heist by publishing a three-page Q&A which was found embedded in the Ethereum transactions sent to Poly Networks by the hacker.

In the Q&A, which was shared by Elliptic chief scientist & co-founder Tom Robinson, the hacker stated that they hack “for fun” and that they are “not very interested in money”. They added that the stolen assets would be returned in due time in order to preserve their identity:


IT Pro 20/20: Does cyber security's public image need a makeover?

Issue 18 of IT Pro 20/20 looks at recent efforts to retire the 'hacker' stereotype, and how the threat landscape has changed over the past 20 years


“I understood the risk of exposing myself even if I don’t do evil,” they said, before adding that they “prefer to stay in the dark and save the world”.

They also alluded to the fact that they might be a white hat hacker, saying that they chose to steal the assets in order to make the public aware of the bug found in Poly Network’s system and prevent the platform from patching it “secretly without any notification”.

However, according to London-based blockchain analytics and compliance company Elliptic, the hacker is unlikely to escape the consequences of their actions:

“Whatever the motivation for the hack, these events have demonstrated how difficult it is [to] profit from theft or any other illicit activity using cryptoassets. The transparency of the blockchains allowed crowd-sourced, real-time collaboration between protocol developers, stablecoin issuers, blockchain analytics companies and the wider community, to ensure the hacker would not be able to disappear with the stolen assets,” its analysis stated.

“Despite the return of the funds, the hacker might well still find themselves being pursued by the authorities. Their activities have left numerous digital breadcrumbs on the blockchain for law enforcement to follow, aided by blockchain analytics tools.”