The hackers behind Poly Network are returning stolen cryptocurrencies

The threat actor who hacked the Poly Network cross-chain protocol has now returned the cryptocurrencies that were stolen.


The hackers stole $611 million worth of cryptocurrency assets, $273 million in Ethereum tokens, $253 million in Binance Smart Chain tokens, and $85 million in USDC from the Polygon network.


To prevent law enforcement intervention, Poly Network representatives asked the hackers to return the stolen assets.


Poly Network, the Chinese decentralised finance (DeFi) platform, tweeted that the hacker had already returned about $260 million in stolen cryptocurrency.


The threat actor stated the reason for the hack by embedding Q&A messages in transactions (as Elliptic Chief Scientist and Co-Founder Tom Robinson discovered), but the reasons for returning the stolen cryptocurrency are unknown.


SlowMist, a blockchain based security company, claims to have traced the attacker’s email address, IP address, and device fingerprint, which could have prompted it.


SlowMist also detected that Monero (XMR) was traded for BNB, ETH, MATIC, and other tokens to fuel the attack.


“This attack is mainly because the keeper of the EthCrossChainData contract can be modified by the EthCrossChainManager contract, and the verifyHeaderAndExecuteTx function of the EthCrossChainManager contract can execute the data passed in by the user through the _executeCrossChainTx function,” SlowMist further explained.

“Therefore, the attacker uses this function to pass in carefully constructed data to modify the keeper of the EthCrossChainData contract.”



Poly Network had urged the hacker to return the cryptocurrency stolen from “thousands of crypto community members” to avoid being caught by law enforcement.


Poly Network says the threat actor exploited a vulnerability between contract calls to gain control of assets and move them to attacker-controlled wallets following a preliminary examination of the attack:



Binance CEO Changpeng Zhao stated the company was working with security experts to resolve the matter after Poly Network revealed the hack.


OKEx, Tether, and Huobi said their security teams were attempting to freeze cryptocurrency holdings stolen in the hack.



You might also like:


Kaseya’s universal REvil decryption key leaked: Report 

Hackers stole over $600 million worth of crypto from Poly Network

Threat actor leaked a million stolen credit cards on dark web

FlyTrap Android malware attacks several Facebook accounts