Crypto Hacker Returns Half of Stolen Assets

The theft from DeFi platform Poly Network "demonstrates that even if you can steal crypto assets, laundering them and cashing out is extremely diff...
Matthew Heller, August 12, 2021

In a case of crypto crime apparently not paying, a hacker who stole some $600 million in digital assets from decentralized finance platform Poly Network has begun to return the ill-gotten gains.

Poly Network disclosed Tuesday it was the target of one of the largest ever cryptocurrency heists and told the hacker, “We want to establish communication with you and urge you to return the hacked assets.”

As of about 6:30 pm London time on Wednesday, the hacker had returned $260 million in assets, including $256 million worth of Binance Smart Chain, $3.3 million of Ethereum, and $1 million of Polygon. A total of $269 million in Ethereum tokens and $84 million in Polygon tokens was still missing.

“I think this demonstrates that even if you can steal crypto assets, laundering them and cashing out is extremely difficult, due to the transparency of the blockchain and the use of blockchain analytics,” said Tom Robinson, chief scientist of blockchain analytics firm Elliptic.

“In this case, the hacker concluded that the safest option was just to return the stolen assets,” he added.

The hack exploited a vulnerability in Poly Network, a DeFi platform that facilitates peer-to-peer transactions with a focus on allowing users to transfer or swap tokens across different blockchains.

“DeFi has become a key target for attacks,” CNBC said, noting that since the start of the year until July, DeFi-related hacks totaled $361 million — an increase of nearly three times from all of 2020, according to crypto compliance company CipherTrace.

Shortly after it was hacked, Poly urged cryptocurrency miners and exchanges to “blacklist” tokens coming from the hacker’s addresses. Security company SlowMist said its researchers had “grasped the attacker’s mailbox, IP, and device fingerprints” and were “tracking possible identity clues related to the Poly Network attacker.”

“With the inherent transparency of blockchains and the eyes of an entire industry on you, how could any cryptocurrency hacker expect to escape with a large cache of stolen funds?” blockchain forensics firm Chainalysis said.

In notes posted on a blockchain, the hacker said he had decided to return the stolen assets because he was “not very interested in money.”