Poly Network hacker fulfills promise and returns the money! SlowMist reveals identity: I'll give a big gift if you find me in a month
As previously announced to repay, the hackers have followed through on their promise. Poly Network officials confirmed that in addition to Tether freezing approximately 33 million USDT, the hackers have returned almost all the funds and have also rejected the $500,000 white-hat hacker reward offered by the team. As for his mysterious identity, he emphasized, "Even if I am eventually found, I am still proud of my integrity."
Table of Contents
$611 Million Hack
The Poly Network team initially confirmed on the evening of 8/10 that tokens worth approximately $611 million had been hacked. They urgently contacted miners and exchanges to help cut off the hacker's funds, while researchers from PeckShield, SlowMist, and The Block analyzed the attack methods.
Despite setting a record for the largest hack in DeFi history, the hacker remained calm and continued interacting with the Ethereum blockchain messages, the official team, and the crypto community.
After a spontaneous act of tipping, a large portion of the cryptocurrency community started begging the hacker for funds.
Tether: Destruction and Reissue
After continued communication between the two parties, the $610 million funds have now been transferred to a multi-signature wallet controlled by both the Poly Network team and the hacker, with only about 33 million USDT frozen.
Tether's CTO, Paolo Ardoino, stated:
Tether may destroy the frozen USDT and reissue it to transfer to the Poly Network team, rather than trusting the hacker to move the funds after they are unfrozen.
. @Tether_to just froze ~33M $USDt on 0xC8a65Fadf0e0dDAf421F28FEAb69Bf6E2E589963 as part of the #PolyNetwork hack https://t.co/EviPTAkQJD
— Paolo Ardoino (@paoloardoino) August 10, 2021
Hacker's Intentions?
In a series of blockchain messages released by the hacker, he emphasized that he has no interest in money, depositing $220 million into Curve and its fork Ellipsis to provide liquidity, only to cover the potential costs of his actions on the chain.
Prior to this, the Poly Network team had shown goodwill towards the hacker during their communication, not holding him accountable for his actions and offering a $500,000 bug bounty:
We consider your actions as that of a white-hat hacker. Apart from offering you a $500,000 bug bounty, we assure you that you won't be held accountable. You can keep $500,000 of the assets, and we will replenish Poly Network users.
The hacker responded stating, "Poly did offer a bounty, but I never responded to it and returned all the money."
Second AMA
In the hacker's second AMA held on the chain, he answered more questions on his own.
He claimed that the AMA was not a confession but more like writing a diary, revealing that English is not his native language, and it's not easy to type while holding down the SHIFT key.
Is he a hacker or a white-hat hacker? He believes that what is considered hacking can also be done by a good person. The reason he didn't inform the project about the vulnerability beforehand is that in DeFi, where over a hundred projects disappear every year, he can't trust anyone.
Regarding SlowMist's claim of having the hacker's email, IP, and device fingerprints, he stated:
I am very confident in my anonymity. I have been dedicated to a hacker career since I was young and am a well-known hacker in the real world, currently working in the information security industry. If anyone can find my identity within a month, I will give them a big gift. Wanna play?
He emphasized, "Even if I am eventually found, I am still proud of my integrity."
Related
- PayPal Stablecoin Market Value Plunges by 40%, How Will DeFi Maintain User Focus After the Big Sell-Off
- Looking at the future of SocialFi from the demise of FriendTech: Greed-driven speculation hinders innovation, industry remains optimistic
- Babylon mainnet launched nearly a month ago, market response not as expected: Where does the future of BTCFi lie?