Poly Network called on exchanges to “blacklist” the tokens. As it is a protocol involving several blockchains, the figure could be higher.
This note was updated two hours after publication to add Poly Network’s statement directed at hackers.
The DeFi protocol for multiple blockchain operability, Poly Network, was breached today, Tuesday, August 10. The attacker or hacker group would have stolen at least $600 million in cryptocurrencies and tokens, which would be one of the worst blows to decentralized finance platforms.
Poly Network made the event public through a message on Twitter. The organization called on all exchanges and miners to “blacklist” the tokens involved in the interest of countering the attack.
“Important news: we regret to announce that Poly Network was attacked on Binance Smart Chain (BSC), Ethereum (ETH), and Polygon (MATIC). The assets have been transferred to the following addresses of the hackers:
- ETH: 0xC8a65Fadf0e0dDAf421F28FEAb69Bf6E2E589963
- BSC: 0x0D6e286A7cfD25E0c01fEe9756765D8033B32C71
- Polygon: 0x5dc3603C9D42Ff184153a8a9094a73d461663214
We call on affected blockchain miners and exchanges to blacklist tokens coming from the above addresses,” Poly Network announced on the popular social network, mentioning Binance, Huobi, OKex, and Coinbase.
The address for tokens on Ethereum showed a balance of $273 million, the one for tokens on BSC exhibited a total of $253 million and the one related to the Polygon network held a balance of $85 million in USDC.
Adding up the funds gives a total of $611 million in cryptocurrencies. However, the figure could be higher as Poly Network involves the operation of several blockchains. That is, security analysts could find other vulnerabilities in their research.
As a measure to restrict the action of hackers, Paolo Ardonio, chief technology officer of Bitfinex and Tether (USDT), announced that $33 million in the stablecoin was frozen. This aspect shows the centralized nature of some services and companies operating in the bitcoin ecosystem.
It is unclear what the hackers’ modus operandi was. However, Igor Igamberdiev of The Block Research said that this was an unusual crypto problem. No further details of the flaw were provided. Poly Network would prepare a post-mortem report in the coming days to reveal how the events occurred.
Among the reactions that spread after the hack was that of Binance’s CEO, Changpeng Zhao. The executive stated the following: “We are aware of the Poly Network exploit that occurred today. While no one controls BSC (or ETH), we are coordinating with all of our security partners to proactively help. There are no guarantees. We will do everything we can.”
Poly Network pleads with hackers
Hours after reporting the attack on its platform, Poly Network released a message addressed to the hacker or hackers involved. In the statement, DeFi begs the hackers to return the funds, heading the letter with a “dear hacker…”.
“We would like to establish communication with you and urge you to return the hacked assets. The amount of money you hacked is the largest in the history of DeFi. The money you stole is from tens of thousands of members of the cryptocurrency community,” Poly Network emphasized.
The decentralized finance protocol stressed to the hacker that authorities in any country could consider the act as a major economic crime for which he would be prosecuted.
DeFi, the target of multiple attacks
Platforms for decentralized finance (DeFi) have been questioned in the past for their recurring security problems. CryptoNews has reported multiple attacks on services of this type involving tokens on Ethereum or from BSC, among others.
Recently, in May, two events captured media attention in the cryptocurrency ecosystem. On the 17th of that month, the case of bEarn, a service on BSC, was reported, from which almost 11 million dollars were stolen.
Two weeks after what happened with bEarn, another case with a DeFi service on the Binance Smart Chain was reported. On that occasion, the vulnerability was for the Belt Finance platform from which $6.2 million was stolen.