Poly Network, a Chinese biz that handles transactions across various blockchains, urged thieves to return $600m of digital cash stolen from it in what it called the “biggest [attack] in DeFi history.”
DeFi is short for decentralised finance. Poly Network’s technology can be used to exchange cryptocurrencies; it can be used to swap Bitcoin for Ethereum, for example. The organization announced on Tuesday it had been compromised by one or more miscreants who drained hundreds of millions of dollars of digital assets from its systems.
We are sorry to announce that #PolyNetwork was attacked on @BinanceChain @ethereum and @0xPolygon Assets had been transferred to hacker’s following addresses:
— Poly Network (@PolyNetwork2) August 10, 2021
“After preliminary investigation, we located the cause of the vulnerability. The hacker exploited a vulnerability between contract calls, exploit was not caused by the single keeper as rumored,” it said.
Poly Network advised its customers, cryptocurrency exchanges like Binance and Coinbase Pro, and miners to refuse transactions from specific wallet addresses to thwart the thieves.
Some of the $600m swiped from Poly Network appears to have been laundered or liquidated already, and other transactions have been rejected. Tether, a blockchain platform that converts real money into cryptocurrencies and vice versa, said it had frozen $33m of digital assets after the cyber-heist.
— Paolo Ardoino (@paoloardoino) August 10, 2021
Poly Network urged the thieves to return the stolen coins: “Law enforcement in any country will regard this as a major economic crime and you will be pursued. It is very unwise for you to do any further transactions. The money you stole are from tens of thousands of crypto community members, hence the people. You should talk to us to work out a solution.”
The Register has asked Poly Network for comment. ®