Biggest DeFi hack ever: The story so far
DeFi’s mammoth growth has attracted more than just new investors. Over 70% of 2021’s major hacks and fraud have been DeFi related.
In what may be the largest attack in decentralized finance, Poly Network was attacked and the alleged hacker drained roughly $600 million in crypto. According to the official announcement, the hacker drained assets from Binance Chain, Ethereum, and the Polygon network.
Important Notice:
We are sorry to announce that #PolyNetwork was attacked on @BinanceChain @ethereum and @0xPolygon Assets had been transferred to hacker's following addresses:
ETH: 0xC8a65Fadf0e0dDAf421F28FEAb69Bf6E2E589963
BSC: 0x0D6e286A7cfD25E0c01fEe9756765D8033B32C71— Poly Network (@PolyNetwork2) August 10, 2021
Poly Network, a protocol launched by the founder of Chinese blockchain project Neo, operates on the Binance Smart Chain, Ethereum, and Polygon blockchains. Meanwhile, analysis from each of the respective networks concluded the hackers stole roughly $273 million in Ethereum, $85 million in USD Coin (USDC) from the Polygon network, and $253 million from Binance Smart Chain. The assets stolen included a great number of tokens including ETH, DAI, UNI, SHIB, FEI, BUSD, BTCB, ETHB, BNB, USDT, and more.
Poly Network hacked for over $600 million across Ethereum, Polygon, and BSC. https://t.co/e1mJW0gijehttps://t.co/84gmgphqAHhttps://t.co/3ICgaeJgUs
Poly network hasn't even verified their contracts on Ethereum so it's tedious to analyze. Here are my current thoughts ?? pic.twitter.com/WDvMbpGVwN
— Mudit Gupta (@Mudit__Gupta) August 10, 2021
As per Poly Network’s tweet,
“The hacker exploited a vulnerability between contract calls, exploit was not caused by the single keeper as rumored.”
Furthermore, according to China-based blockchain security firm, Slowmist, “Combined with the flow of funds and multiple fingerprint information, it can be found that this is likely to be a long-planned, organized, and prepared attack”
However, a tweet by Sushiswap “super-coder” Mudit Gupta, stated:
“This was not a DeFi or smart contract hack but a traditional key compromise combined with irresponsible design decisions taken by Poly Network.”
A message from the Hacker was highlighted by Wu Blockchain. It stated:
HACKER: IT WOULD HAVE BEEN A BILLION HACK IF I HAD MOVED REMAINING SHITCOINS! DID I JUST SAVE THE PROJECT? NOT SO INTERESTED IN MONEY, NOW CONSIDERING RETURNING SOME TOKENS OR JUST LEAVING THEM HERE https://t.co/DjnA7tkAbF https://t.co/rZKOxcBFpi pic.twitter.com/q5usAa0ojb
— Wu Blockchain (@WuBlockchain) August 10, 2021
In addition to this, the team behind Poly Network released a statement addressing the hacker directly
— Poly Network (@PolyNetwork2) August 10, 2021
Having said that, crypto proponents within the space did offer help. Changpeng Zhao, CEO of cryptocurrency exchange Binance, tweeted:
We are aware of the https://t.co/IgGJ0598Q0 exploit that occurred today. While no one controls BSC (or ETH), we are coordinating with all our security partners to proactively help. There are no guarantees. We will do as much as we can. Stay #SAFU. ? https://t.co/TG0dKPapQT
— CZ ? Binance (@cz_binance) August 10, 2021