In what is likely the biggest cryptocurrency theft in history, hackers made off with more than $600 million by exploiting a vulnerability in the multi-chain DeFi protocol Poly Network, according to multiple media reports and Twitter.
The Poly Network enables users to swap tokens across multiple blockchains. In this case, the hackers transferred the stolen assets to addresses on Ethereum, Binance Smart Chain and Polygon.
The Poly Network team reached out to the hackers on Twitter in an attempt to open up communication lines and emphasize that the assets were taken from “tens of thousands of crypto community members” and the amount stolen is the biggest in DeFi history.
“Dear Hackers … We want to establish communication with you and urge you to return the hacked assets,” per the letter. “Law enforcement in any country will regard this as a major economic crime.”
In a separate Tweet, they provided addresses where the hackers could return the funds. That in turn, triggered multiple tweets from people providing hackers with addresses and asking for “a few coins” in these “trying times” and requests to pay off university debt, generally poking fun at the notion of asking the hackers for the money back.
Part of the heist included about $33 million of the stablecoin Tether, which is now frozen by operator Bitfinex, making it unavailable to the attacker, according to reports and Twitter.
The amounts taken were from Ethereum, $273 million; Binance Smart Chain, $253 million; and Polygon, $85 million, Jason Yanowitz, co-founder of Blockworks, said in a tweet.
Blockchain Ecosystem Security company Slow Mist said on Twitter and in a Medium blog post that its team “grasped the attacker’s mailbox, IP, and device fingerprints” and are “tracking possible identity clues related to the Poly Network attacker.”