So far, $258 million worth of stolen crypto assets have been restored, and the hacker claims to be keeping the remaining cash secure while they negotiate with Poly.
Using the Poly Network, the hacker has restored $258 million to the cross-chain DeFi protocol and conducted a question and answer session in which he explained exactly how the original hack occurred.
The Poly Network was the target of a $612 million attack on August 10 that was touted as the largest DeFi theft to date. The hacker was able to take assets from Ethereum, the Binance Chain, and the Polygon Network.
In an interview with Forbes on Aug. 11, Tom Robinson, the chief scientist at blockchain analytics startup Elliptic, stated that the hacker had so far returned approximately $258 million in cash to Poly, with an additional $342 million still to be repaid.
I like how the PolyNetwork Exploiter is having an AMA
right now… what a ridiculous space. pic.twitter.com/FBQieZqdQW
— Sam MacPherson (@hexonaut) August 11, 2021It has been suggested that the attacker declared their readiness to restore the stolen funds on many occasions, leading some to believe that it was a white hat hack intended to teach Poly a costly lesson about its security problems.
Robinson, on the other hand, was not necessarily of the same opinion, stating that the repatriation of monies “demonstrates that even if you can steal crypto-assets, laundering them and cashing them out is extremely difficult due to the transparency of the blockchain.”
In an AMA (Ask Me Anything) using embedded messages in Ethereum transactions, the hacker has answered questions from the community. While the hacker appears to be a non-native English speaker, what has been lost in translation is their great purpose.
Upon being questioned as to why they were hacking and why the Poly protocol in particular, the hacker responds that they were doing it “for fun” and that “cross-chain hacking is hot.”
Despite such responses, they go on to claim that the hack was carried out for charitable purposes, and that they have subsequently been transferring tokens between addresses only for the purpose of keeping them safe:
“When spotting the bug, I had a mixed feeling. Ask yourself what to do had you facing so much fortune. Asking the project team politely so that they can fix it? Anyone could be the traitor given one billion. I can trust nobody! The only solution I can come up with is saving it in a trusted account.”
“Now everyone smells a sense of conspiracy. Insider? Not me, but who knows? I take the responsibility to expose the vulnerability before any insiders hiding and exploiting it!” they stated.
Users on Twitter pointed out that the hacker was asking for assistance in depositing funds into Tornado Cash, which is a decentralised system that allows private Ethereum transactions to be carried out privately and securely.
Hacker is literally begging for help.
pic.twitter.com/JvoshUNfu2
— Sam naique03012009 (@Shane_Naique7) August 10, 2021After being interrogated about why they were selling and swapping part of the stolen stablecoins, the attacker answered by saying, “I was pissed by the Poly team for their initial response.”
The Poly team sent an open letter to the hacker on their website yesterday, urging him or her to restore the stolen assets since “law enforcement in any country will regard this as a major economic crime and you will be pursued.”
they urged others to blame me and hate me before I had any chance to reply!” the hacker claims further. as well as the fact that they had no intention of laundering the funds:
“In the meanwhile, depositing the stables could earn some interest to cover potential cost so that I have more time to negotiate with the Poly team.”
