Skip links

$600m in cryptocurrencies swiped from Poly Network servers after security snafu

Poly Network, a Chinese software biz that processes cryptocurrency transactions across different blockchain platforms, urged hackers to return $600m worth of stolen digital cash in what it called the “biggest [attack] in DeFi history.”

DeFi stands for decentralised finance. Protocols like Poly Network allow cryptocurrency traders to exchange digicash across various blockchains; they can be used to swap Bitcoin for Ethereum, for example. The company announced it had been hacked on Tuesday after a miscreant drained hundreds of millions of dollars worth of digital assets stored using its technology.

“After preliminary investigation, we located the cause of the vulnerability. The hacker exploited a vulnerability between contract calls, exploit was not caused by the single keeper as rumored,” it said.

Poly Network advised its customers, including cryptocurrency exchanges like Binance and Coinbase Pro as well as miners to block transactions from specific addresses to prevent the hacker from exchanging digital tokens into cryptocurrencies.

Some of the $600m swiped from Poly Network appears to have been liquidated, but other transactions have been rejected. The CEO of Tether, a blockchain platform that converts real money into cryptocurrencies and vice versa, said he had frozen $33m worth of digital assets after the hack.

Poly Network urged the hacker to return the digital dosh. “Law enforcement in any country will regard this as a major economic crime and you will be pursued. It is very unwise for you to do any further transactions. The money you stole are from tens of thousands of crypto community members, hence the people. You should talk to us to work out a solution.”

The Register has asked Poly Network for comment. ®