Hackers have returned USD 260 million of the USD 613 million that they stole by exploiting a vulnerability between contract calls of Poly Network, a decentralized finance (DeFi) platform that allows users to move tokens across blockchains.
The news comes one day after Poly issued a public appeal to the hackers to return the hacked assets. “The amount of money you hacked is the biggest one in the defi history. Law enforcement in any country will regard this as a major economic crime and you will be pursued,” the firm said in a tweet.
— Poly Network (@PolyNetwork2) August 10, 2021
In one transaction note that records where some of the stolen assets were transferred, the hackers sought unlock the stolen Tether, a stablecoin known as USDT, after returning a portion of the plundered USDC, another stablecoin.
“The Poly Network hack and subsequent return of funds shows that it’s becoming more difficult to pull off large-scale cryptocurrency theft. That may sound counterintuitive given that this USD 600 million theft represents the biggest DeFi hack of all time, and that the fast-growing DeFi ecosystem is uniquely vulnerable to hacks,” said New York-based blockchain data firm Chainalysis in a blog post on Wednesday. The firm added that crypto theft is harder to get away with than theft of fiat funds owing to the inherent transparency of blockchain-recorded transactions.
“Whereas criminally obtained fiat currency can be moved through shady bank accounts, with authorities relying on subpoenas and cooperation of financial institutions to trace its path, anyone in the world can view cryptocurrency transactions made on public blockchains,” Chainalysis added.
Poly Network was founded by Chinese blockchain entrepreneur Da Hongfei. It announced a partnership with Binance, the world’s largest crypto trading platform, in January to expand its cross-chain interoperability network, enabling developers and decentralized applications, or dapps, on both platforms to swap tokens, per a report by Technode.
“It would have been virtually impossible for the attacker to move the funds anywhere without somebody broadcasting it. This paints a promising picture for future cryptocurrency hack responses,” Chainanalysis said in its blog post.
Despite the seemingly promising landscape, many countries across the world are tightening the screws on crypto platforms. In particular, Binance is one of the main targets. The platform was barred from undertaking any regulated business in the United Kingdom in late June. Japan’s Financial Services Agency warned that Binance was operating in the country without a license, while the United States Department of Justice was reportedly investigating the exchange as it allows users to transact with cryptocurrencies, according to multiple media reports.