Advertisement

Crypto Exchange Offers Hacker a $500k 'Thank-You Bounty' for Draining $600m

The hacker, who apparently did it 'for fun,' still has to return some of the stolen funds.

Three days ago, we brought you news of what was called the biggest heist ever. At the time, Poly Network, a decentralized finance (DeFi) firm working on interoperability of crypto coins was hacked and multiple cryptocurrencies were transferred out. The company claimed that the value of those cryptocurrencies was estimated to be $600 million.

Within a day of carrying out this hack, the crypto thief paid back coins worth $260 million. Now, it seems the thief will be awarded $500,000 by the Chinese blockchain company for discovering the weakness that allowed them to steal the funds in the first place, according to The Register.

“We appreciate you sharing your experience and believe your action constitutes white hat behavior... Since, we believe your action is white hat behavior, we plan to offer you a $500,000 bug bounty after you complete the refund fully,” the thief wrote in their transaction metadata quoting a message allegedly received from Poly Network.

The hacker wrote a two-part Q&A on his actions shared by Tom Robinson, chief scientist at crypto-coin analysis house Elliptic.

The hacker revealed that they had no interest in keeping the money and was just looking to raise awareness of the hole in Poly Network's security. They described themselves as a “a high-profile hacker in the real world” working in the security industry and a non-native English speaker.

Meanwhile, Poly Network released a statement where it referred to the hacker as “Mr. White Hat,” and revealed it hadn't recovered all the stolen tokens yet. “To achieve the goal of full recovery of both assets and cross-chain services, the team will continue to communicate with Mr. White Hat actively to retrieve the final key,” the firm added. 

Follow Us on

Stay on top of the latest engineering news

Just enter your email and we’ll take care of the rest:

By subscribing, you agree to our Terms of Use and Privacy Policy. You may unsubscribe at any time.