The world’s biggest ever crypto-currency heist has finally come to a close with the return of every token swiped to the victim organization, Poly Network.
On August 10, a cyber-thief targeted Poly Network, a blockchain connection platform, and managed to steal over $610 million in crypto-currency. The attacker exploited a code vulnerability after a blockchain keeper’s private key was leaked, allowing them to change the “keeper role” of two blockchain contracts and conduct unauthorized transactions.
The thief made significant withdrawals from both Bscscan and Etherscan contracts, totaling millions of dollars in crypto-currency. However, after the attack, Poly Network reached out to the culprit through social media, urging them to return the stolen funds. Surprisingly, the attacker claimed that the theft was done to highlight security issues and expressed their intention to return the funds.
In the following days, the hacker began returning the stolen tokens in increments, with nearly half of the amount already returned to Poly Network by August 13. The platform even offered the hacker a job as its chief security advisor and a generous bug bounty for identifying the security flaw exploited in the attack.
After negotiations with Poly Network, the hacker, now known as Mr. White Hat, has finally provided the organization with the private key needed to regain control of the remaining tokens. In a recent blog post, Poly Network announced that all user assets that were transferred out during the incident have been fully recovered, and they are working on returning full asset control to users promptly.
This resolution marks the end of the biggest crypto-heist in history, surpassing the 2018 theft from Japanese digital currency exchange Coincheck. It serves as a reminder of the importance of robust security measures in the ever-evolving world of crypto-currency.