More than $600 million has been stolen in what’s likely to be one of the biggest cryptocurrency thefts ever.
Hackers exploited a vulnerability in Poly Network, a platform that looks to connect different blockchains so that they can work together.
Poly Network disclosed the attack on Twitter and asked to establish communication with the hackers, and urged them to “return the hacked assets.”
Our redesigned local news and weather app is live! Download it for iOS or Android — and sign up for alerts.
A blockchain is a ledger of activities upon which various cryptocurrencies are based. Each digital coin has its own blockchain and they’re different to each other. Poly Network claims to be able to make these various blockchains work with each other.
Poly Network is a decentralised finance platform. DeFi is a broad term encompassing financial applications based on blockchain technology that looks to cut out intermediaries — such as brokerages and exchanges. Hence, it’s dubbed decentralised.
Proponents say this can make financial applications such as lending or borrowing more efficient and cheaper.
“The amount of money you hacked is the biggest in defi history,” Poly Network said in another tweet.
Once the hackers stole the money, they began to send it to various other cryptocurrency addresses. Researchers at security company SlowMist said a total of more than $610 million worth of cryptocurrency was transferred to three different addresses.
Poly Network urged cryptocurrency exchanges to “blacklist tokens” coming from the addresses that were linked to the hackers.
About $33 million of Tether that was part of the theft has been frozen, according to the stablecoin’s issuer.
Meanwhile, Changpeng Zhao, CEO of major cryptocurrency exchange Binance, said he was aware of the attack.
He said Binance is “coordinating with all our security partners to proactively help,” but that “there are no guarantees.”
“We will take legal actions and we urge the hackers to return the assets,” Poly Network said on Twitter.
SlowMist said in a tweet that their researchers had “grasped the attacker’s mailbox, IP, and device fingerprints” and are “tracking possible identity clues related to the Poly Network attacker.”
The researchers concluded that the theft was “likely to be a long-planned, organised and prepared attack.”
DeFi has become a key target for attacks.
Since the start of the year until July, DeFi-related hacks totaled $361 million — an increase of nearly three times from the whole of 2020, according to cryptocurrency compliance company CipherTrace.
DeFi-related fraud is also on the rise. In the first seven months of the year, they accounted for 54% of total crypto fraud volume versus 3% for all of last year.