Hacker behind $600-million heist of Poly Network’s assets has returned the stolen crypto

Get a free Techzine subscription!

Poly Network, the cross-chain decentralized finance platform provider, had about $600 million cryptocurrency stolen from it earlier this August. In a strange turn of events, the funds have all been returned.

The hack was first reported on August 10 and involved the theft of Ethereum, Polygon, and Binance Chain assets, with estimates saying they totalled about $610 million. The hacker exploited a cryptographic issue to manipulate functions that modified contracts on Poly.

The following day, the hacker, who goes by Etherwood, started returning small amounts of the stolen funds. The hacker said that the motivation for the attack was ‘fun.’

Etherwood

The hacker also added that they went after Poly Network because cross-chain hacking is ‘hot.’ Etherwood explained that he/she stole the cryptocurrency to keep it safe before insiders exploited the flaw.

The statement finished by saying “I prefer to stay in the dark and save the world.”

It was speculated that the funds were being returned since the hacker was trying to avoid criminal charges after researchers tracked down identifying information. The hacker has, in the meantime, returned all the funds, just as he/she had promised to do.

Mr. White Hat got rewarded

Bleeping Computer reported that the hacker, who changed their name to ‘Mr. White Hat’ gave Poly network access to the last tranche of stolen assets in their wallet, worth about $141 million, on Monday, August 23.

Poly Network wrote on Medium that at that point, all the user assets were transferred ‘without incident.’

The statement also thanked Mr. White Hat and proceeded to reassure users who lost assets in the heist that they would get back control of their assets in full soon. Poly paid the hacker $500,000 as a reward, which was initially billed as a bug bounty but can also be argued as a reasonable reward for doing the right thing in returning the money.