A professional hacker who stole $610 million from Poly Network said he did it for fun. He has returned most of the stolen cryptocurrency after negotiations to be rewarded with $500,000. The hacker said his intention is always to hack into cryptocurrency platforms and steal huge funds, which will always be returned later. Poly Network said the hacker has not confirmed whether he will be accepting the $500,000 “bug bounty” or not.
While thanking the hacker – dubbed “White Hat” – for returning a bulk of the money, Poly Network said the $500,000 reward was to appreciate the faceless hacker for “helping us improve Poly Network’s security”. The crypto platform also said they hoped White Hat would contribute to the increased development of the blockchain industry. The form in which the promised reward will be dispensed is however not revealed.
Poly Network is a cryptocurrency platform that focuses on decentralized finance (DeFi) where peer-to-peer transactions hold by enabling the transfer or swapping of digital tokens across various blockchains. A blockchain forensics company, Chainalysis, said the hacker possibly exploited a vulnerability in the digital contracts that Poly Networks uses to transfer funds across different blockchains.
Poly Network confirmed that the hacker refunded $340 million and sent the remainder into a common digital wallet managed by him and the crypto platform. Poly Network said they also discussed with White Hat how he was able to pull off the heist and his main objective for doing so. Some blockchain experts opine that the hacker may have returned the loot because he found it difficult to launder the massive cryptocurrency fund – but that remains speculation.
“When spotting the bug, I had a mixed feeling,” the hacker told investigators during a secure chat. “Ask yourself what to do had you faced so much fortune. Asking the project team politely so that they can fix it? Anyone could be the traitor given one billion! I can trust nobody! The only solution I can come up with is saving it in a trusted account while keeping myself anonymous and safe. That’s always the plan! I am not very interested in money! I know it hurts when people are attacked, but shouldn’t they learn something from those hacks?”
The chief scientist at blockchain analytics firm Elliptic, Tom Robinson, confirmed that White Hat was actually the one making the communications since he was chatting from his crypto account. “The messages are embedded in transactions sent from the hacker’s account,” Robinson told CNBC. “Only the holder of the stolen assets could have sent them.”