Poly Network confirmed this Monday (23) that the last US $ 200 million (or approximately R $ 1 billion) of the US $ 643 million stolen from the decentralized financial platform had been returned by the hacker, ending a series of facts and twists surrounding the biggest cryptocurrency theft in history.
In a Twitter post, the Poly Network team thanked the hacker and said they were “ready for a new journey” after confirming access to the latest installment of the stolen funds.
As a result, almost all of the assets have returned to the platform’s domain. Only $ 33 million in theter (USDT) is yet to return, as it was blocked by the broadcaster when the attack was reported.
Dear “Hacker”,
Thanks! We are ready for a new journey.
Poly Network Teamhttps://t.co/djwsVJRXrN
– Poly Network (@ PolyNetwork2) 23 August 2021
Hacker negotiations
The biggest cryptocurrency theft in history ended with the return of stolen assets. (Source: Freepik / diana.grytsku / Reproduction)Source: Freepik / diana.grytsku / Reproduction
On August 10, the hacker exploited a vulnerability in the Poly Network code and managed to transfer 2,858 ethereum tokens, 6,610 binance coins and $ 85 million in USDC. In an unprecedented attitude, the platform decided to appeal to the thief, who was called “Mr. White Hat” (referring to a “good hacker” attitude).
The platform even promised a $ 500,000 reward to the hacker for helping identify a flaw in its systems, as well as offering a job as a “Chief Security Consultant”. Amidst the twists and turns, the attacker held a public conversation with the victim and proceeded to return the stolen assets.
However, there was a problem. More than $ 200 million worth of ethereum was trapped in an account that required Poly Network and hacker passwords. In recent days, the attacker refused to give up his password, simply saying that he would only do so when “everyone was ready”. Two weeks after the robbery, the thief ended the soap opera and shared the private key needed to regain control of the remaining assets.
The negotiations raised suspicion that it was all a public relations coup. On the other hand, some security experts believe that the attacker may have had a hard time laundering the money as all transactions are recorded on the blockchain.