Hacker Steals $600 Million in Digital Assets from PolyNetwork – PolyNetwork was looted of about $600 million in digital assets. Security specialists are still attempting to figure out what went wrong. The funds associated with the assault were traced to three different Ethereum, Binance Smart Chain, and Polygon addresses.
Details regarding an exploit that snatched $600 million in digital assets from PolyNetwork have been slow to emerge, more than seven hours after it was initially reported. In the absence of a full audit, cybersecurity organizations have told the programmers behind the cross-chain compatible network, “This is on you.”
Security specialists disagree on the sequence of events that led to the loss of currency, with some accusing their colleagues of misleading the public. PolyNetwork uses a multi-sig wallet for transactions, according to Ethereum developer and security researcher Mudit Gupta. “The attacker acquired hold of at least three keepers and then exploited them to change the keepers to a single keeper,” as result, the hacker locked them out.
SlowMist, a blockchain security firm, claims this isn’t the case. Instead, the attacker used a weakness in a smart contract function to modify the keeper, redirecting funds to the attacker’s own address, according to the report. “This situation did not occur as a result of the keeper’s private key being leaked,” it stated.
Regardless of whether the attacker gained private keys or exploited a flaw in a smart contract, being in charge is one way to do both. Was it, however, an inside job? Rug pulls, a type of exit scam, were the most common form of crypto fraud last year!
It’s too early to say. “Through on-chain and off-chain tracking, SlowMist has captured the attacker’s mailbox, IP, and device fingerprints, and is following possible identity evidence associated to the Poly Network attacker”. However, the inquiry has not yet resulted in a key piece of evidence being held by a Poly executive.
The hacker, on the other hand, is using the Ethereum blockchain to send out taunts by attaching messages to blocks. In one post, they said, “WHAT IF I MAKE A NEW TOKEN AND LET THE DAO DECIDE WHERE THE TOKENS GO?”
It’s unclear whether the attacker will be able to use the funds. PolyNetwork has also requested that “miners of affected blockchains and crypto exchanges blacklist tokens” associated with the exploiter’s addresses. Tether responded by freezing $33 million in USDT linked to the incident, while executives from Binance, OKEx, and Huobi offered to assist in limiting the damage.
Thank you for sticking with us all the way to the end of this article! Stay tuned to Oyprice and subscribe to our YouTube channel. And don’t forget to join our telegram channel for regular news and updates.