On Aug 10th, Twitter witnessed a storm when Poly Network, an organization communicated to an extra-ordinary mind through it, asking him to be in touch and to work together towards a solution.
That person is actually a hacker who stunned the world by stealing (and later returned some too) digital coins worth millions of dollars. The hacker responded about the intention of returning funds by ruling out, “not very interested in money”.
On Wednesday, Aug 11th, (just yesterday) Poly Network got thrilled to receive $260 million back.
Poly Network is basically a corporate blockchain platform which allows people to bargain for and seal deals for numerous distinct digital tokens, updated us through Twitter that it got 3 crypto-currencies safely back, which were $3.3 million worth of Ethereum, Binance Smart Chain that was valued at 4256 million and Polygon with worth of $1 million.
Besides, it still looks for Ethereum tokens worth $269 million and Polygon with worth $84 million.
Shortcomings In Software:
The hacker, as per Tom Robinson, who set-up Elliptic, which is a blockchain analytics and compliance firm in London, confirmed that the hacker utilized one of the blockchain to post material that prima-facie appears to be a self-assessment, in the form of Q & A session comprising 3 pages.
The hacker outlined noble intentions behind his refund initiative (just like Robin Hood who would love public capital) and declared his heist was directed to determine the vulnerabilities in present-day Poly Network software.
Inside the notes embedded on the Ethereum blockchain, the hacker claimed, “I know it hurts when the people are attacked, but shouldn’t they learn something from those hacks?”
The hacker hunted intently for a vulnerability to take advantage of and they purposely pulled crypto-currencies worth millions of dollars as they wanted to emphasize their point, else they thought the Poly Network would have repaired the security loopholes quietly without admitting it publicly.
But they also punctuated the fact that “real panic in crypto-world” was not on their minds so they picked up “important coins” and not the whole lot.
Speaking to BBC, Mr. Robinson, who counsels the UK government about crypto-centric crimes, maintained, “Either they just intended to commit theft and steal assets, or they were acting like a white hat hacker to expose a bug, to hep Poly Network make themselves more strong and secure”.
Further, he laid stress upon the robust blockchain technology framework which discouraged people from making profits from stolen digital currencies, as money moves out in a particular wallet, it is specifically visible on he network.
“I wonder whether this hacker stole the funds, realized how much publicity and attention they were getting, realized wherever they moved the funds they would be watched, and decided to give it back”.
“The blockchain has itself operated here flawlessly, but the problem is on blockchains like Ethereum, you can write your own smart contracts. Various services have started offering this, including Poly Network”.
“So whenever a human being write code, there’s a chance they will make a mistake”.
On Poly Network platform, smooth movement is facilitated among multiple blockchain as one crypto-currency is traded for another, like I trade BSC for Ethereum.
Mr. James Chappel, who co-founded cyber-security firm Digital Shadows based in London, clarifies, “The Poly Network is the thing that facilitates the movement between these chains – ultimately, it’s software, it’s code, and code always has imperfections and defects in it”.
However, this was not the unique offence and many such attacks have taken place on numerous services during the past one year, such as:
- Yearn Finance, where hackers connected to siphon out $11 million,
- Meerkat Finance, where attackers wiped off $32 million in March month,
- Alpha Finance, which registered $37 million worth of theft in same month.
After inflicting pain and suffering for nearly 24 hours, hackers’ intention of returning most of the stolen money or all of it, becomes clear, as he updated online, ”The pain suffered is temporary, but memorable”
As such, even the notion that theft was committed with the purpose of compelling Poly Network to rectify its security flaws, is taken with scepticism.
There is a misty hint that some security company is closer to the suspect and his identity is about to be known.
Also, hackers may have been gone too far and are now intimidated and therefore returned money to shun legal proceeding likely to be launched against them.
Whatever the case may be, authorities are working hard and round the clock to get hold of them.
The story indicates how sophisticated the hackers are and how unregulated this decentralized crypto-currency network is that falls helpless, when someone wipes a large fortune in it.