Follow-up to the $600 million theft in the cryptocurrency world: Hackers begin refunding money

Original title: Follow-up to the shocking theft of $600 million in the "cryptocurrency circle": hackers begin refunding Source: Wall Street News

Poly Network announced that it was hacked and assets worth more than $610 million were looted in more than 30 minutes. But the theft took a turn for the better on Wednesday: more than $4.8 million in funds have been returned. Some analysts said this shows that even if crypto assets can be stolen, money laundering and cashing out are very difficult.

On Tuesday, Poly Network announced that it had been hacked, and assets worth more than $610 million were looted in more than 30 minutes, including 302 million USDT, 55,000 ETH, 2,000 Bitcoins and other tokens. The scale of $610 million means that this is one of the largest hacker thefts in the history of the cryptocurrency industry.

Poly Network claims to be the world's leading "lightweight" heterogeneous chain cross-chain interoperability protocol. The cross-chain interoperability protocol is a decentralized financial protocol (DeFi) that runs on Binance Smart Chain, Ethereum and Polygon blockchains and can be used for liquidity mining. In this incident, hackers attacked through a vulnerability in the Poly Network protocol.

However, the theft took a turn for the better: the hackers began to refund. The hackers sent a message embedded in a cryptocurrency transaction to Poly Network saying that they were "ready to return" the funds. Poly Network responded by saying that it hoped the hackers would send the money to three cryptocurrency addresses.

Media reports said that as of noon London time on Wednesday, more than $4.8 million in funds had been returned to the above address. However, although some of the ill-gotten gains were returned, the hacker began to seek donations.

Regarding the hacker's refund, the financial blog Zerohedge quoted Tom Robinson, chief scientist of blockchain analysis company Elliptic, as saying: "This shows that due to the transparency of blockchain and the use of blockchain analysis technology, even if encrypted assets can be stolen, money laundering and cashing out are very difficult. In this case, the hacker believes that the safest option is to return the stolen assets."

In fact, the hacker did make a lot of attempts to transfer the stolen money after the attack. First, in the on-chain transfer message, he asked the world how to use Tornado.cash, an anonymous transfer platform on Ethereum, to mix coins. Records show that about an hour after Poly announced the hack on Twitter, the hacker tried to transfer assets including USDT to the liquidity pool Curve Finance through the Ethereum address, but the transaction was rejected. Tether CTO Paolo Ardoino blacklisted the hacker's address and froze the USDT in the address. However, the hacker still managed to transfer some USDC to the liquidity pool of Curve Finance, which also means that it will be almost impossible to recover these USDC.

Researchers from security company SlowMist tweeted that they have obtained the hacker's email, IP and device fingerprints, and are tracking possible identity clues related to the hacker. This hacker attack is likely a long-term planned, organized and prepared attack.

Cross-chain developer O3 Labs believes the hacker may be a "white hat" who wants to draw attention to security flaws. This is not the first time a hacker has returned stolen coins.

Overall, DeFi attacks are increasing. According to Blockchain Trends, there were more than 60 DeFi attacks in 2020, with a total loss of approximately $250 million. The Poly Network attack alone was more than twice the amount of the entire year of 2020.

The most famous theft in the cryptocurrency world is the "MT.Gox Incident" in the past. The whereabouts of the lost bitcoins are still unknown. MT.Gox is a bitcoin exchange located in Tokyo, Japan. It started bitcoin trading as early as 2010. Due to its early participation and few competitors, it once became the world's largest bitcoin exchange, and its trading volume accounted for as much as 80% of the world. In February 2014, MT.Gox announced that it had lost about 750,000 bitcoins belonging to customers and 100,000 bitcoins of the platform itself. As a result, the MT.Gox exchange announced its closure and filed for bankruptcy.

Cryptocurrencies were stable on Wednesday, with both Bitcoin and Ethereum rising slightly. According to Coinmarketcap data, Bitcoin rose 2.9% in the last 24 hours to above $46,000, while Ethereum rose 4% to above $3,200.