Friday , December 3 2021
Home / Blockchain / The $600M PolyNetwork Hack: What Exactly Happened and What Investors Should Be Aware of

The $600M PolyNetwork Hack: What Exactly Happened and What Investors Should Be Aware of

Summary:
PolyNetwork, an interoperability protocol enabling atomic-cross chain transactions between multiple major blockchains, was just exploited to steal 0 million worth of investor’s crypto on Polygon, Binance Smart chain, and Ethereum What Exactly Happened? As reported by CryptoPotato earlier today, PolyNetwork announced that they had been attacked at 8:38 am EST. They immediately listed the addresses to which the anonymous hacker had transferred their funds on the ETH, BSC, and Polygon networks, and called upon miners of the affected exchanges to blacklist them. The ETH, BSC, and Polygon addresses involved show volumes of 6.5M, 2M, and M worth of crypto assets, respectively. These include WBTC, WETH, RenBTC, DAI, UNI, SHIB, and FEI. This totals to over 0M worth

Topics:
Andrew Throuvalas considers the following as important: , , , , , , , ,

This could be interesting, too:

Dimitar Dzhondzhorov writes Spider-Man NFTs Drove The Second-Biggest One-Day Ticket Sales in AMC’s History, Says CEO

Mandy Williams writes Mercado Bitcoin’s Parent Company 2TM Secures Million to Push Expansion

Andrew Throuvalas writes Adidas Enters The Metaverse With BAYC, Punks Comic, and GMoney

Chayanika Deka writes It’s Time for South Korea to Embrace Cryptocurrencies, Says KRX Chief

PolyNetwork, an interoperability protocol enabling atomic-cross chain transactions between multiple major blockchains, was just exploited to steal $600 million worth of investor’s crypto on Polygon, Binance Smart chain, and Ethereum

What Exactly Happened?

As reported by CryptoPotato earlier today, PolyNetwork announced that they had been attacked at 8:38 am EST. They immediately listed the addresses to which the anonymous hacker had transferred their funds on the ETH, BSC, and Polygon networks, and called upon miners of the affected exchanges to blacklist them.

The ETH, BSC, and Polygon addresses involved show volumes of $266.5M, $252M, and $85M worth of crypto assets, respectively.

These include WBTC, WETH, RenBTC, DAI, UNI, SHIB, and FEI. This totals to over $600M worth of crypto having been stolen, easily making this the largest DeFi hack to date.

In dollar value terms, this DeFi hack is comparable to the Mt. Gox and BitFinex exchange hacks, which resulted in $500M and $750M of stolen funds at the time of the hacks.

It was soon discovered that the hacker’s initial source of funds was Monero (XMR), a privacy-based coin, which he then converted to ETH, BNB, and MATIC in the exchange.

CEO of crypto exchange OKEx, Jay Hao, has reassured victims that he is addressing the situation:

“@OKEx  is already on the case. We’re watching the flow of coins, and will do our best to manage the situation. Our wallet team will get in touch if we need more information.”

Analysis shows that the nature of the hack was a traditional compromising of user’s private keys, which was made easier due to Smart Contract design decisions by PolyNetwork.

An involved smart contract belonging to the company used a single keeper wallet, which allowed the hacker to sign off on a contract transferring all funds to his address, after obtaining the relevant private key, which may have been done through various methods. PolyNetwork has also not verified their smart contracts using Etherscan.

How Do Investors Avoid This?

As a growing field, DeFi still has many problems to sort out, and future scams, hacks, and exploits are highly likely to take place in the near term. CryptoPotato has outlined some best practices to protect investors from malicious actors seeking to compromise their assets.

These include ensuring that smart contracts of your chosen investment project have been audited by tech-savvy auditing organizations with pristine track records. Such precautions could have saved many investors in the case of this recent, historically large hack.

defiscams1
DeFi exploits of 2021. Image by CryptoPotato

Leave a Reply

Your email address will not be published. Required fields are marked *