- The Poly Network hacker has already returned approximately half of the $600 million stolen funds.
- The hacker intends to pay back all of the funds.
- Analysts claim the transparency of blockchain technology makes it difficult to launder stolen money.
Poly Network, an interoperability protocol connecting various blockchains, was exploited for more than $600 million on August 10. The attacker exploited the network across Ethereum, Binance Smart Chain, and Polygon decentralized finance (DeFi) exchanges.
The hacker managed to steal around $85 million in USDC from the Polygon network, approximately $250 million from Binance Smart Chain, and over $270 million from the Ethereum network in what turned out to be the biggest DeFi hack to date.
However, following a number of strict measures taken by crypto industry bodies, the hacker revealed that he/she “is ready” to restore all the stolen funds.
Hacker Has Returned Half of Stolen Funds
On August 11 at around 4:00 am UTC, the hacker sent a transaction to himself with an embedded message that read:
“READY TO RETURN THE FUND !”
Afterward, the hacker requested a multi-sig wallet for refunding all the stolen tokens. “Failed to contact the poly. I need a secured multisig wallet from you,” the hacker said in a transaction.
The Poly Network attacker started returning stolen funds in USDC at around 8 am UTC. Initially, the hacker sent 10, 10,000, and 1 million in USDC on the Polygon blockchain. Since then, the hacker has returned around half of the $600 million stolen funds.
Tom Robinson, chief scientist and co-founder at Elliptic, said it is pretty hard to launder money given the transparent nature of the blockchain. He said:
“I think this demonstrates that even if you can steal cryptoassets, laundering them and cashing out is extremely difficult, due to the transparency of the blockchain and the use of blockchain analytics.”
“In this case the hacker concluded that the safest option was just to return the stolen assets,” Robinson further added.
Numerous reasons could have played a role in convincing the hacker to return the stolen funds. For one, in the very early stages of the hack, Tether froze approximately $33 million of the stolen funds.
Moreover, Poly Network asked miners to blacklist the hacker’s funds. “We will take legal actions and we urge the hackers to return the assets,” the network said.
In addition, SlowMist, a Chinese cybersecurity firm, asserted that it has “grasped the attacker’s mailbox, IP, and device fingerprints.” SlowMist further added that they are “tracking possible identity clues related to the Poly Network attacker,” and called the attack “a long-planned, organized and prepared attack.”
What might really have pushed the hacker into returning the funds is the fact that executives from almost all prominent crypto exchanges, including Binance, OKEx, and Huobi, agreed to assist in limiting and minimizing the damage.