$611 Million Stolen in Poly Network Cross-chain Hack – from Security Affairs

August 10, 2021 By Pierluigi Paganini

The cross-chain protocol Poly Network has been hacked, threat actors stole $611 million making this hack the largest DeFi hack to date.

The cross-chain protocol Poly Network disclose a security breach, threat actors have stolen over $611 million in cryptocurrencies.

The attackers have transferred hundreds of million dollars worth of Binance Chain, Ethereum, and Polygon assets into their wallets.

The Poly Network protocol allows swapping tokens across multiple blockchains, including Bitcoin and Ethereum and Ontology.

The attackers

The assets has stolen $273 million worth of Ethereum tokens, $253 million in tokens on Binance Smart Chain and $85 million in USDC on the Polygon network.

“Since the theft, Tether has blacklisted the USDT on Ethereum that was stolen in the attack, roughly $33 million in tokens. That means they can no longer be moved. (USDT is a centralized stablecoin that can be frozen at will by the company behind it, similar to other stablecoins like USDC.)” states TheBlockCrypto website.

Researcher Igor Igamberdiev from the The Block speculates that the root cause of the hack was a cryptographic issue, in the cryptocurrency protocol, what is a rare case.

Blockchain security firm SlowMist issued an alert announcing that they have already determined the attacker’s ID. The experts claim to have discovered the attackers email address, IP information and device fingerprint.

The threat actors have employed the following wallets:

ETH: 0xC8a65Fadf0e0dDAf421F28FEAb69Bf6E2E589963
BSC: 0x0D6e286A7cfD25E0c01fEe9756765D8033B32C71
Polygon: 0x5dc3603C9D42Ff184153a8a9094a73d461663214
Some cryptocurrency exchanges announced they are aware of the hack and will do all the best to identity and block illegal transactions associated with the hack.

Follow me on Twitter: @securityaffairs and Facebook