13 August 2021

YAY! There are Good Guys Out-There ETHICAL HACKING: The Poly Network Platform

For readers of this blog, this is a happy follow-up to an earlier post. It is refreshing to see this made available online by Reuters in New York and London.

Last modified on Thu 12 Aug 2021 22.14 EDT

‘White hat’ hacker behind $610m crypto heist returns most of money

A person claiming to have perpetrated the $610m-plus theft on the Poly Network platform said it offered him $500,000 to return the assets, according to digital messages shared on Twitter. Photograph: Bloomberg/via Getty Images

Insert start of copy and then you can read all of it from the source
"Hackers behind one of the biggest-ever digital coin heists have now returned nearly all of the $610m-plus they stole, the cryptocurrency platform targeted this week by the attack says.
The Poly Network platform, which was little known before Tuesday’s heist, on Thursday declared the hacker on Twitter to be a “white hat”, referring to ethical hackers who generally aim to expose cyber vulnerabilities, upon the return of the funds.

Poly Network, which facilitates peer-to-peer token transactions, added that the tokens were transferred to a multi-signature wallet controlled by both the platform and the hacker.

The only remaining tokens yet to be returned are the $33m in tether stablecoins frozen earlier in the week by cryptocurrency firm Tether, Poly Network said. . .

“The repayment process has not yet been completed,” Poly Network said on Twitter. “To ensure the safe recovery of user asset, we hope to maintain communication with Mr. White Hat and convey accurate information to the public.”

A person claiming to have perpetrated the hack said Poly Network offered him a $500,000 bounty to return the stolen assets and promised that he would not be accountable for the incident, according to digital messages shared on Twitter by Tom Robinson, the chief scientist and co-founder of Elliptic, a crypto tracking firm.

Poly Network, which allows users to transfer or swap tokens across different blockchains, said on Tuesday it had been hit by the cyberheist and urged the culprits to return the stolen funds

. . .

Later on Wednesday, the hackers said in digital messages also shared by Elliptic that they had perpetrated the attack “for fun” and wanted to “expose the vulnerability” before others could exploit it and that it was “always” the plan to return the tokens.

At $600m, however, the Poly Network theft far outstripped the record $474m in criminal losses that were registered by the entire decentralised finance (DeFi) sector from January to July, according to crypto intelligence company CipherTrace.

The theft illustrates the risks of the mostly unregulated DeFi sector, crypto experts say. DeFi platforms allow users to conduct transactions, usually in cryptocurrency, without traditional gatekeepers such as banks or exchanges."

____________________________________________________________________________
EARLIER POST:
WHOA! Hackers Strike Again
Like they say, 'It's always something...' Here's another from yesterday, from Ars Technica

Hackers siphon $600 million in digital tokens, crypto network says

Poly Network breach would be among biggest heists to target cryptocurrency industry.

 
Insert copy >> "A decentralized financial network has claimed hackers absconded with about $600 million worth of cryptocurrencies in one of the largest heists to target the growing digital asset industry.
Poly Network, which links some of the world’s most widely used digital ledgers, said on Tuesday that attackers had exploited a vulnerability in its system and taken thousands of crypto tokens. The attack would be one of the largest to date on a crypto venture, on a par with breaches of exchanges Coincheck and Mt. Gox.

The alleged hack was a blow to supporters of decentralized finance, or DeFi, which has been one of the fastest-expanding areas of the booming cryptocurrency market. It also highlighted the lack of consumer and investor protections in a market with only light oversight from financial regulators . . ."

 
