Wednesday, 18 August 2021 05:54

Crypto platform hit by $600m heist asks hacker to become its chief security adviser

Rate this item
(0 votes)

Cryptocurrency platform Poly Network was hit with a major attack last week which saw the hacker, or hackers, make off with more than $600 million worth of tokens.

In a bizarre twist, the hacker has now returned most of the stolen money but is withholding more than $200 million of the funds until "everyone is ready."

Poly Network promised the hacker a $500,000 bounty for the restoration of user funds, and even invited them to become its "chief security advisor."

The cryptocurrency platform targeted in a massive heist is now inviting the hacker behind it to become an advisor to the firm, and promising a $500,000 reward for the restoration of user funds.

Poly Network, a so-called decentralized finance or "DeFi" project, was hit with a major attack last week which saw the hacker, or hackers, make off with more than $600 million worth of tokens.

Poly Network lets users swap tokens from one digital ledger to another. Someone exploited a flaw in Poly Network's code which allowed them to transfer the assets to their own crypto wallets.

It is thought to be the largest crypto heist of all time, surpassing the $534.8 million in digital coins stolen from Japanese exchange Coincheck in a 2018 attack and the estimated $450 million worth of bitcoin that went missing from Tokyo-based exchange Mt. Gox in 2014.

In Poly Network's case, the hacker has taken the unusual step of returning most of the stolen money. All but $33 million of the crypto has now been returned.

However, more than $200 million of the funds is currently locked in an account that requires passwords from Poly Network and the hacker to gain access.

Poly Network has pleaded with the hacker, who it is calling "Mr. White Hat," to provide the password — known as a "private key" — necessary to retrieve the money.

"Mr. White Hat" is a reference to ethical hackers who search for vulnerabilities in organizations' systems that could expose them to attacks. Security researchers have questioned the labeling of the Poly Network attacker as a white hat hacker.

It's not clear why the hacker is withholding access to the final tranche of assets. An anonymous person claiming to be the hacker has simply said they will provide the key once "everyone is ready."

Last week, it was revealed that Poly Network had offered a $500,000 "bug bounty" to send all of the money back. Such bounties are typically rewarded to people who report bugs to help companies find and resolve flaws before they are disclosed to the general public.

The hacker initially turned down the bounty offer. However, in a message embedded in a digital currency transaction Monday, the hacker said "I am considering taking the bounty as a bonus for public hackers if they can hack the Poly Network."

Poly Network said Tuesday that it hoped to implement a "significant system upgrade" to prevent such an attack from happening again in future, but that it couldn't do so until all the remaining assets are returned.

The group said its promise to reward "Mr. White Hat" with a $500,000 bounty still stands, and even invited the hacker to becomes its "chief security advisor."

"To extend our thanks and encourage Mr. White Hat to continue contributing to security advancement in the blockchain world together with Poly Network, we cordially invite Mr. White Hat to be the Chief Security Advisor of Poly Network," the firm said in a statement.

"Poly Network previously promised to reward Mr. White Hat with a $500,000 bug bounty, but he did not accept it and has publicly stated that he has considered offering it to the technical community who have made contributions to blockchain security," Poly Network added.

"We fully respect Mr. White Hat's thoughts, and to express our gratitude, we will still transfer this $500,000 bounty to a wallet address approved by Mr. White Hat for him to use it at his own discretion for the cause of cybersecurity and supporting more projects and individuals."

Poly Network said it "has no intention of holding Mr. White Hat legally responsible" for the hack.

 

CNBC

November 27, 2024

CBN increases Interest Rate yet again

The Central Bank of Nigeria (CBN) has raised the monetary policy rate (MPR) from 27.25%…
November 26, 2024

Tinubu’s nepotism worse than Buhari’s, Senator says

Enyinnaya Abaribe, senator representing Abia South, has stated that Nigeria would have been in a…
November 24, 2024

Older adults opened up about things they ‘took for granted’ in their 20s and 30s

Last month, we wrote a post where older adults from the BuzzFeed Community shared things…
November 16, 2024

Influencer eats pig feed in extreme attempt to save money

Popular Douyin streamer Kong Yufeng recently sparked controversy in China by eating pig feed on…
November 26, 2024

Fighter jet brought to combat bandits who invaded Benue communities, killed 30, official says

At least 30 people have been killed in several communities across two Local Government Areas…
November 27, 2024

Here’s the latest as Israel-Hamas war enters Day 418

Israel-Hezbollah ceasefire, brokered by US and France, aims for permanent peace A ceasefire between Israel…
November 26, 2024

WhatsApp just introduced major new upgrade that overhauls messaging

I love WhatsApp but I’ve never been fond of voice messages, leaving them or retrieving…
Nothing to show. You must configure the data source of the widget.
October 27, 2024

Nigeria awarded 3-0 win over Libya after airport fiasco

Nigeria have been awarded a 3-0 victory over Libya, and three vital points, from their…

NEWSSCROLL TEAM: 'Sina Kawonise: Publisher/Editor-in-Chief; Prof Wale Are Olaitan: Editorial Consultant; Femi Kawonise: Head, Production & Administration; Afolabi Ajibola: IT Manager;
Contact Us: [email protected] Tel/WhatsApp: +234 811 395 4049

Copyright © 2015 - 2024 NewsScroll. All rights reserved.