PolyNetwork Hackers Return $253M Funds On Binance Smart Chain

The team of hackers that shook Poly Network has now returned the $600Million in funds that were stolen by requesting the team at Poly Network for a Multisig Wallet.

Background of the Attack

Just recently, crypto funds worth around $600Million in value had been stolen by a team of hackers targeting the Poly Network. The hackers managed to gain access to three chains of the Poly Network and exploited them to transfer precious funds stored. $273Million worth of funds were stolen in Ethereum, $253 from the Binance Chain, $85Million in USDC, and a few others, which consisted of WBTC, renBTC, and WETH, totaling to a sum of around $600Million in value of stolen funds. This attack has been deemed as one the biggest hacking attacks in the decentralized finance space.

Hackers Response

As of now, the group of hackers responsible have decided to return all of the stolen funds after asking for a Multisig wallet address to handle the large amounts of funds. The hackers used an Ethereum transaction on the 11th of August in order to declare their decision of returning the funds through a notification. The reason for requesting a MultiSig Wallet was that the Poly Network was having issues with connections, so a Multisig wallet address would work just fine, becoming an easy way to return the funds.

Poly Network Responds

As of now, a tweet from the official Poly Network account contained three unique wallet addresses for the hackers to send the precious funds back to. One address was Ethereum-based, one was from Binance Smart Chain, and the final one was from Polygon. The team at Poly Network declared to the hackers in an Ethereum-based transaction message that it is working to come up with a MultiSig Wallet for the hackers to transfer the funds to.

Research from O3 Labs revealed that the Poly Network has a major exploit on its network that needs to be dealt with immediately. The exploit is such that only a white hacker can perform this level of fraud in DeFi.

Feeling proud of their accomplishment, the hackers send a message, stating that having successfully implemented this level of exploitation has gained them quite the popularity. The hackers additionally stated on the Ethereum transaction message that this event was part of a personal project and did not involve any DAO.