IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

Poly Network hacker returns $342 million of stolen assets

Hacker states that they are “not very interested in money”

Darkened image of a hacker wearing a hoodie using computing equipment

The hacker behind what is considered to be the biggest cryptocurrency heist in history has now returned $342 million (£247 million) worth of stolen assets.

This is according to Poly Network, a blockchain platform that fell victim to the virtual robbery on Tuesday, having lost $610 million (£440 million) worth of Ether, Binance, and USDC tokens.

The company made the announcement on its Twitter page, that as of 8pm UTC (9pm BST) on Thursday, it had been reunited with $256 million worth of BSC, $4.6 million Ethereum, and $85 million Polygon – more than half of the total stolen assets.

“The remaining is $268M on Ethereum,” Poly Networks stated.

The hacker behind the heist started returning the stolen cryptocurrency tokens on Wednesday afternoon following an open letter published by the company, urging the hackers to “establish communication”. It also asked miners of affected blockchain and crypto exchanges to "blacklist tokens” associated with the hacker’s wallet.

Meanwhile, the hacker decided to explain their reasoning behind the heist by publishing a three-page Q&A which was found embedded in the Ethereum transactions sent to Poly Networks by the hacker.

In the Q&A, which was shared by Elliptic chief scientist & co-founder Tom Robinson, the hacker stated that they hack “for fun” and that they are “not very interested in money”. They added that the stolen assets would be returned in due time in order to preserve their identity:

Related Resource

IT Pro 20/20: Does cyber security's public image need a makeover?

Issue 18 of IT Pro 20/20 looks at recent efforts to retire the 'hacker' stereotype, and how the threat landscape has changed over the past 20 years

IT Pro 20/20 Issue 18: Does cyber security's public image need a makeover?DOWNLOAD NOW

“I understood the risk of exposing myself even if I don’t do evil,” they said, before adding that they “prefer to stay in the dark and save the world”.

They also alluded to the fact that they might be a white hat hacker, saying that they chose to steal the assets in order to make the public aware of the bug found in Poly Network’s system and prevent the platform from patching it “secretly without any notification”.

However, according to London-based blockchain analytics and compliance company Elliptic, the hacker is unlikely to escape the consequences of their actions:

“Whatever the motivation for the hack, these events have demonstrated how difficult it is [to] profit from theft or any other illicit activity using cryptoassets. The transparency of the blockchains allowed crowd-sourced, real-time collaboration between protocol developers, stablecoin issuers, blockchain analytics companies and the wider community, to ensure the hacker would not be able to disappear with the stolen assets,” its analysis stated.

“Despite the return of the funds, the hacker might well still find themselves being pursued by the authorities. Their activities have left numerous digital breadcrumbs on the blockchain for law enforcement to follow, aided by blockchain analytics tools.”

Featured Resources

Accelerating AI modernisation with data infrastructure

Generate business value from your AI initiatives

Free Download

Recommendations for managing AI risks

Integrate your external AI tool findings into your broader security programs

Free Download

Modernise your legacy databases in the cloud

An introduction to cloud databases

Free Download

Powering through to innovation

IT agility drive digital transformation

Free Download

Recommended

Best free malware removal tools 2022
Security

Best free malware removal tools 2022

22 Jun 2022
A guide to cyber security certification and training
Careers & training

A guide to cyber security certification and training

16 Jun 2022
What is shoulder surfing?
social engineering

What is shoulder surfing?

10 Jun 2022
CIAM buyer’s guide
Whitepaper

CIAM buyer’s guide

6 Jun 2022

Most Popular

Actively exploited server backdoor remains undetected in most organisations' networks
cyber attacks

Actively exploited server backdoor remains undetected in most organisations' networks

1 Jul 2022
Former Uber security chief to face fraud charges over hack coverup
data breaches

Former Uber security chief to face fraud charges over hack coverup

29 Jun 2022
Why India wants to become a chipmaking powerhouse
components

Why India wants to become a chipmaking powerhouse

28 Jun 2022