DeFi's Biggest Hack Yet! Cross-chain Protocol Poly Network Hacked for $600 Million, Ethereum, BSC, and Polygon Assets Affected

The cross-chain protocol Poly Network was hacked. The official confirmation came at 8:38 pm. According to unofficial reports, at least $611 million has been affected. Major exchanges and Tether have stated they will assist as much as possible.

Ethereum, BSC, Polygon Assets Compromised

The team behind Poly Network is supported by Neo, Ontology, and Switcheo, and it is a protocol for cross-chain asset swaps. Following the incident, Poly Network's O3 trading pool has temporarily suspended its functions.

On the evening of the 10th, the official statement indicated that hackers transferred assets from Ethereum, BSC, and Polygon to the following three addresses:

  • ETH: 0xC8a65Fadf0e0dDAf421F28FEAb69Bf6E2E589963
  • BSC: 0x0D6e286A7cfD25E0c01fEe9756765D8033B32C71
  • Polygon: 0x5dc3603C9D42Ff184153a8a9094a73d461663214

Contact has been made with the miners of each blockchain, Tether (USDT), Circle (USDC), and exchanges such as Binance, Huobi, OKEx, and Coinbase, in the hope that they will help blacklist the relevant addresses.

According to analysis, the total value of stolen assets is approximately $611 million, including:

  • Ethereum: ETH, USDC, WETH, WBTC, USDT, SHIB, renBTC, DAI, UNI
  • BSC: BNB, USDC, ETH, BTCB, BUSD
  • Polygon: USDC

Cybersecurity firm PeckShield has also identified the current location of these funds:

Cybersecurity firm SlowMist's analysis of the attack method:

This attack was possible primarily because the keeper of the EthCrossChainData contract can be modified by the EthCrossChainManager contract. The verifyHeaderAndExecuteTx function of the EthCrossChainManager contract can execute user-supplied data through the _executeCrossChainTx function. The attacker therefore used this function to pass in carefully crafted data that modified the keeper of the EthCrossChainData contract. The incident was not caused by a leak of the keeper's private key.
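The trust relationship in that analysis can be modelled in a few lines of Python. This is an added example, not code from Poly Network or SlowMist, showing a relay that calls any message-chosen target with its own authority next to one that only dispatches to registered application contracts. The class names, `put_keeper`, `Vault` and the allowlist are hypothetical, and message verification is assumed to have already happened.

```python
class KeeperStore:
    """Stand-in for EthCrossChainData: only its owner may replace the keeper."""
    def __init__(self, owner, keeper):
        self.owner, self.keeper = owner, keeper

    def put_keeper(self, caller, new_keeper):  # hypothetical method name
        if caller is not self.owner:
            raise PermissionError("caller is not the owner")
        self.keeper = new_keeper


class Vault:
    """Hypothetical application contract that cross-chain messages may call."""
    def __init__(self):
        self.released = []

    def unlock(self, caller, recipient, amount):
        self.released.append((recipient, amount))


class Manager:
    """Stand-in for EthCrossChainManager; it owns the KeeperStore."""
    def __init__(self, keeper):
        self.store = KeeperStore(owner=self, keeper=keeper)

    def execute(self, target, method, args):
        # Weak shape: target and method are taken from the message as-is,
        # and the call is made with the manager's own authority.
        return getattr(target, method)(self, *args)


class HardenedManager(Manager):
    """Same relay, but it only dispatches to registered application targets."""
    def __init__(self, keeper, allowed_targets):
        super().__init__(keeper)
        self.allowed = {id(t) for t in allowed_targets}

    def execute(self, target, method, args):
        if target is self.store or id(target) not in self.allowed:
            raise PermissionError("target is not a registered application")
        return super().execute(target, method, args)


def relay_keeper_change(manager, new_keeper):
    """Relay a message aimed at the manager's own store; report the outcome."""
    try:
        manager.execute(manager.store, "put_keeper", [new_keeper])
    except PermissionError:
        pass
    return manager.store.keeper
```

The owner check in `KeeperStore` passes in the weak case because the relay itself is the owner, which is why no key compromise is needed for the keeper to change.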

Binance, OKEx, and Tether Express Support

  • Tether CTO stated that they have frozen 33 million USDT
  • OKEx CEO mentioned that they are closely monitoring the flow of funds
  • Binance CEO Changpeng Zhao stated that while no one can control BSC and ETH, they are working with cybersecurity partners to provide assistance.

Hacker Leaves Blockchain Messages, Interacts with Community for Rewards, Shows Little Interest in Money

There have been many "interesting" interactions between the hacker and the community.

The address hanashiro.eth warned the hacker through a blockchain message not to use the USDT because it had been blacklisted. The hacker then transferred 42,000 worth of ETH as a gesture of gratitude. The address hanashiro.eth also sent some ETH to Vitalik. This seemed to stir up the community, with many people using blockchain messages to ask for a share of the money.

Users discovered that the hacker's address had even sent a transaction to itself, with this blockchain message:

"WONDER WHY TORNADO? WILL MINER STOP ME? TEACH ME PLZ!"

Cybersecurity experts speculate that the hacker was asking whether it would be safer to use TORNADO for money laundering. Later, the hacker even stated that they are not very interested in money, and might return it or simply leave it where it is.

https://twitter.com/UnderTheBreach/status/1425119885978447875