Posted on August 11, 2021 at 5:06 PM
Hackers Steal Record $600M in One of the Largest Cryptocurrency Heists
On Wednesday, August 11, Poly Network, a decentralized finance (DeFi) crypto platform, reported a loss of around $600 million in digital assets. This is one of the largest hacks in the crypto sector.
The DeFi platform announced details of the hack in a Twitter post, where it also revealed the digital wallet addresses to which the assets were transferred. Poly Network urged cryptocurrency brokers to blacklist these digital assets.
The network stated that the value of the stolen assets was slightly above $600,000. The network did not give more details about the hack and failed to mention whether law enforcement agencies were investigating the theft. However, the network stated it would be taking legal action against the hackers and even urged them to return the funds to the network’s digital addresses.
This hack was one of the largest thefts in the cryptocurrency sector. In 2018, Coincheck, a Tokyo-based cryptocurrency exchange, lost $530 million in a similar event. Another exchange in Tokyo, Mt. Gox, was forced to shut down after $500 million worth of BTC was stolen.
Hackers Returning Funds
In a statement to the hackers, Poly Network urged them to return the stolen funds. The platform mentioned that the hack was one of the largest in DeFi history and that the hackers had committed a major economic crime.
The plea by Poly Network seems to have caught the attention of hackers, given that on Wednesday, some of the stolen funds started being returned. The hacker embedded a message in a crypto transaction stating they would return the funds. In response, Poly Network gave them three crypto addresses that they would use to deposit the stolen funds. As of writing, the hacker had returned more than $4.7 million to the provided addresses.
As soon as the hackers stole the money, they sent it to three cryptocurrency addresses. A tweet by SlowMist stated that researchers had uncovered the hackers’ IP, device fingerprints and mailbox. The researchers were also “tracking possible identity clues related to the Poly Network attacker.” SlowMist also added that the hack was most likely a “long-planned, organized and prepared attack.”
The issuer of the Tether has stated that around $33 million worth of the stablecoin has been frozen. Binance’s CEO, Changpeng Zhao, also stated that he was aware of the attack on the Poly Network. Zhao added that Binance would collaborate with its cybersecurity team to help Poly Network recover the funds. However, the CEO also added that “there are no guarantees.”
Poly Network is a popular DeFi platform. DeFi is a term used to describe platforms that offer financial services based on blockchain technology. DeFi is assumed to be better than traditional financial systems, as it eliminates the need for intermediaries, hence lowering costs.
With DeFi, financial processes such as lending and borrowing are made easier and cheaper, hence the rapid growth of this sector. The Poly Network enables users to exchange tokens across different blockchains to allow interoperability.
DeFi attacks on the rise
The recent attack on Poly Network comes when DeFi related fraud has been on the rise. Hacking and fraud cases related to decentralized finance have hit an all-time high, increasing risk exposure to investors. DeFi has become the newest target for attacks because of the explosive growth of the sector this year.
From January 2021 to July 2021, hacks related to DeFi have increased to around $361 million. This is a three-fold increase compared to 2020, as reported by CipherTrace, a digital asset compliance firm. During these seven months, DeFi related fraud accounted for 54% of total fraud cases related to cryptocurrencies. In 2020, these fraud cases accounted for a mere 3%.
The most popular types of crimes in the DeFi sector are rug pulls and hacks. A hack is an incident similar to the Poly Network hack when an outsider steals funds on the DeFi platform. However, a rug pull is when an insider, mostly the DeFi platform founders, run away with investor funds.
Recently the US Securities and Exchange Commission charged Blockchain Credit Partners and two executives for a $30 million fraudulent dealing. This is the first case that the SEC has filed involving the DeFi sector.
The development comes a week after Gary Gensler, the SEC chair, stated that Congress needed to develop more regulations for the DeFi sector to protect investors. Gensler made the remarks during the Aspen Security Forum last Tuesday, and whilst the news caused a buzz in the crypto sector, the recent report by CipherTrace that DeFi crimes have reached a seven-month high could necessitate these regulations.