Advertisement

Hackers Steal $600M In One of The Biggest Cryptocurrency Heists Ever

And the target was a finance firm that works on crypto interoperability.

Hackers Steal $600M In One of The Biggest Cryptocurrency Heists Ever
Hackers are targeting cryptocurrencies JuSun/ iStock

In what is called the biggest heist ever, PolyNetwork, a decentralized finance (DeFi) firm working on interoperability of crypto coins was hacked and multiple cryptocurrencies were transferred out. The company claims that the value of those cryptocurrencies is estimated to be $600 million, the BBC reported.

Update: The hackers are returning stolen crypto to PolyNetwork

The hackers have returned hundreds of millions of dollars in cryptocurrency, with $260 million returned as of 1:28 PM EDT, according to a tweet from Polygon.

The $260 million is comprised of $3.3 million in Ethereum, $256 million in BSC, and $1 million in Polygon. As of roughly 1:30 PM EDT, roughly $269 million remained to be returned on Ethereum, in addition to another $84 million on Polygon. Obviously, why the hackers are returning their stolen money remains unclear, but it could be anything from cold feet at the prospect of stealing hundreds of millions of dollars (and thus being pursued by law enforcement), to the possibility that the hackers are already caught, and returning their funds from a government order. Both possibilities remain pure speculation, as of writing.

Cryptocurrencies work on blockchain technology and each coin uses its own blockchain that is unique and isolated from the rest. DeFi platforms, such as PolyNetwork, work to make them interoperable. Hackers exploited a vulnerability in the company's "contract calls" and took away thousands of crypto coins. PolyNetwork revealed that $267m of Ether, $252m of Binance coins, and roughly $85 million in USDC were taken out. 

Since blockchain is a public ledger, the company was quick to identify the virtual address where these currencies were deposited and alerted cryptocurrency networks to block further deposits from the addresses. 

Changpeng Zhao, chief executive of Binance, a cryptocurrency, whose coins were stolen during the hack, tweeted that his company would "proactively help" but there were "no guarantees." 

PolyNetwork also took to Twitter to reach out to the hacker to inform him that "the heist was the biggest ever" and he had "committed a major economic crime". The company wants him to contact them and set up a way to return the assets.

Advertisement

The security company, Slow Mist, claimed that the crypto coins had been transferred to three different addresses and the company had “grasped the attacker’s mailbox, IP, and device fingerprints” and were “tracking possible identity clues", according to CNBC report

DeFi is the new target for hackers. De-Fi hack losses have risen to $361 million in 2021, while they were unheard of in 2019, says CipherTrace, a cryptocurrency intelligence firm. De-Fi hacks also account for 76 percent of all major hacks this year.  

Update (11 Aug, 05:20 am): Updated to include details from Binance, Slow Mist, and CipherTrace. 

Follow Us on

Stay on top of the latest engineering news

Just enter your email and we’ll take care of the rest:

By subscribing, you agree to our Terms of Use and Privacy Policy. You may unsubscribe at any time.