Type to search

Crypto Platform Poly Network Rewards Hacker with Big ‘Bug Bounty’

Hacker reportedly offered $500,000 as a reward for returning crypto-assets taken in huge heist this week to a wallet the platform can access – but it is not known if ‘Mr White Hat’ will accept the offer

China has blamed the US for a server attack on one of its state universities.
A man takes part in a hacking contest during the Def Con hacker convention in Las Vegas. Photo: Reuters


Poly Network, the cryptocurrency platform which lost $610 million in a hack earlier this week, confirmed on Friday that it had offered the hacker – or hackers – a $500,000 “bug bounty”.

In a statement, it thanked the hacker – who it dubbed a “white hat”, sector jargon for an ethical hacker who generally aims to expose cyber vulnerabilities – who had returned the bulk of the funds for “helping us improve Poly Network’s security”.

The network also said it hoped “Mr White Hat” would contribute to the blockchain sector’s continued development upon accepting the $500,000 reward, which it had offered as part of negotiations around the return of the digital coins.

The statement did not specify the form in which it would pay the $500,000. It said the hacker had responded to the offer but did not say if it was accepted.

On Thursday digital messages shared on Twitter by Tom Robinson, chief scientist and co-founder of crypto-tracking firm Elliptic, showed a person claiming to have perpetrated the hack had said Poly Network offered him the bounty to return the stolen assets.

A lesser-known name in the world of crypto, Poly Network is a decentralised finance (DeFi) platform that facilitates peer-to-peer transactions with a focus on allowing users to transfer or swap tokens across different blockchains.

The as-yet unidentified hacker or hackers appear to have exploited a vulnerability in the digital contracts Poly Network uses to move assets between different blockchains, according to blockchain forensics company Chainalysis.

According to Friday’s statement, the hacker has returned $340 million worth of assets and transferred the bulk of the rest to a digital wallet jointly controlled by them and Poly Network.

The remainder, held in tether, was frozen by the cryptocurrency firm behind the stablecoin.

“After communicating with Mr White Hat, we have also come to a more complete understanding regarding how the situation unfolded as well as Mr White Hat’s original intention,” the statement said, without giving further details.

Poly Network announced the hack on Tuesday, but the following day said the hackers had begun returning the digital coins they had taken.

The hackers said in digital messages shared by Elliptic that they had perpetrated the attack for fun and that it was always the plan to return the tokens.

Some blockchain analysts have speculated, however, they might have found it too difficult to launder stolen cryptocurrency on such a scale.


• Reuters and Jim Pollard


After Huge Crypto Heist, $342 Million is Returned to Poly Network 

Crypto Scams Getting Bigger and More Sophisticated

A regulated crypto market will make bitcoin safer for investors

Jim Pollard

Jim Pollard is an Australian journalist based in Thailand since 1999. He worked for News Ltd papers in Sydney, Perth, London and Melbourne before travelling through SE Asia in the late 90s. He was a senior editor at The Nation for 17+ years.


AF China Bond