PremiumThe as-yet unidentified hacker or hackers appear to have exploited a vulnerability in the digital contracts Poly Network uses to move assets between different blockchains, according to blockchain forensics company Chainalysis
After suffering a heist amounting to $610 million earlier this week, cryptocurrency trading platform Poly Network has confirmed that it offered the hacker or hackers involved a 'bug bounty' of $500,000. The platform has already received most of the amount that was stolen during the theft, termed the biggest yet in the decentralised finance world.
Bug bounty a prize offered to those who help uncover bugs and other lacunae in a digital framework.
In a thank-you note, Poly Network called the hacker a "white hat" - jargon for an ethical hacker who points out vulnerabilities in a system - and offered a prize for uncovering the flaw in its security, reported Reuters.
In its statement, the platform also said it hoped "Mr White Hat" would continue to aid the development of blockchain sector upon accepting the $500,000 reward, which it had offered as part of negotiations around the return of the digital coins.
Poly Network, however, did not specify in what form it would pay $500,000 to the hacker or hackers, or if its offer was accepted by them.
"After communicating with Mr. White Hat, we have also come to a more complete understanding regarding how the situation unfolded as well as Mr. White Hat’s original intention," it stated, without giving further details.
Meanwhile, those claiming to have perpetrated the theft have said they do not want the bug bounty. They carried out the hack because they found it fun, and now want to return the appropriated funds, a series of statements showed.
In an "ask-me-anything" session, someone claiming to be the hacker behind the Poly Network attack stated that platform deemed their action white hat behaviour and had offered them the $500,000 reward, to be paid once the refund was complete.
The statements were shared on Twitter by Tom Robinson on Thursday, chief scientist and co-founder of crypto tracking firm Elliptic, who said these were embedded in Ethereum transactions sent from the account controlled by the hacker.
In one of the messages, the unidentified individual stated that they hadn't responded to Poly Network's offer, and will instead send all of their money back.
Poly Network, a less-known name in the cryptocurrency world, is a decentralised finance (DeFi) platform that facilitates peer-to-peer transactions with a focus on allowing users to transfer or swap tokens across different blockchains.
The as-yet unidentified hacker or hackers appear to have exploited a vulnerability in the digital contracts Poly Network uses to move assets between different blockchains, as per blockchain forensics company Chainalysis.
According to Friday's statement, the hacker has returned $340 million worth of assets and transferred the bulk of the rest to a digital wallet jointly controlled by them and Poly Network. A key has to be entered by both the hacker and Poly Network to retrieve the amount.
The remainder, held in tether, was frozen by the cryptocurrency firm behind the stablecoin.
Poly Network announced the hack on Tuesday, but the following day said the hackers had begun returning the digital coins they had taken. Some blockchain analysts have speculated however they might have found it too difficult to launder stolen cryptocurrency on such a scale.
(With Reuters' input)
This story has been published from a wire agency feed without modifications to the text.
Never miss a story! Stay connected and informed with Mint. Download our App Now!!