On August 10, 2021, a thus far unidentified attacker stole $612 million worth of cryptocurrency from cross-chain DeFi protocol Poly Network, making this the largest ever theft from a DeFi protocol. But in an incredible twist, the attacker now appears to be returning the funds to Poly Network one day later.
The attacker pulled off the heist by taking advantage of an exploit in the smart contracts Poly Network uses to carry out cross-chain transactions. Ethereum programmer Kelvin Fichter tweeted out a great breakdown of how exactly the exploit worked if you’d like to learn more. The attacker stole funds in the following cryptocurrencies:
- ETH
- WETH
- WBTC
- UNI
- RenBTC
- USDT
- USDC
- DAI
- SHIB
- FEI
- BNB
- Various BEP-20 Tokens
Poly Network publicly identified three addresses that we’ve confirmed are controlled by the attacker:
- Attacker Address 1: 0xC8a65Fadf0e0dDAf421F28FEAb69Bf6E2E589963 (ETH)
- Attacker address 2: 0x0D6e286A7cfD25E0c01fEe9756765D8033B32C71 (BSC)
- Attacker address 3: 0x5dc3603C9D42Ff184153a8a9094a73d461663214 (POLYGON)
Below, we’ll share some notes on how the attack was carried out, how much the attacker has returned to Poly Network so far, and the current balances of the attackers’ addresses.
Notes on the initial fund movements
We came across a few interesting insights while analyzing the attacker’s initial movements of stolen funds. Check out the Chainalysis Reactor graph below, which shows Attacker Address 1 receiving 2,857.59 ETH — worth $274,461,628.15 USD — from Poly Network in the initial theft.
We can see that the day before, the attacker withdrew 0.47 ETH from Hoo.com, which was used to pay for gas fees on transactions associated with the hack. Additionally, the attacker appears to have sent 13.37 ETH to a user known as Hanashiro.eth, who sent an Ether transaction to the attacker with a message warning them that the USDT they’d stolen from Poly Network had been frozen.
Apparently, the Poly Network attacker is willing to pay good money for good information.
The attacker also stole 673,227 DAI and 96,389,444 USDC from Poly Network. The attacker sent the full amounts of both to the Curve DeFi protocol in order to mint 95,269,796 3CRV tokens. Within an hour, the attacker burnt those 3CRV tokens to receive 96,942,061 DAI.
We suspect the attacker’s goal was to exchange their holdings of a centralized stablecoin, USDC, for a decentralized one like DAI in order to decrease the chances of the funds being frozen.
Return of stolen funds and current balances
Amazingly, the attacker now seems to be in the process of returning the stolen funds to Poly Network at their request. Starting August 11, they began to send funds back to three Poly Network addresses:
- 0x71Fb9dB587F6d47Ac8192Cd76110E05B8fd2142f
- 0xEEBb0c4a5017bEd8079B88F35528eF2c722b31fc
- 0xA4b291Ed1220310d3120f515B5B7AccaecD66F17
As of 12:45 PM ET on August 12, the attacker has returned all of the stolen funds, except for the 33.4 million USDT that was frozen. In total, the attacker has returned cryptocurrency valued at $578.6 million of the initial $612 million stolen.
- POLYGON USDC
- Binance-Peg BTCB
- Binance-Peg BUSD
- Binance-Peg USDC
- FEI
- SHIB
- Binance-Peg ETH
- BNB
- RenBTC
The attacker has communicated with Poly Network via Ether transaction note during this process, voicing their intention to start by returning altcoins and asking if their stolen USDT could be unlocked in return for returning stolen USDC.
It’s possible this is a ruse to make off with the unstolen USDT, but so far nothing suggests the attacker won’t continue to return the stolen funds.
Previously, the hacker also asked Poly Network to set up a multisig wallet for him to continue returning funds, and asked Poly to begin sending funds returned thus far to affected users.
As of 10:00 AM ET on August 11, 2021, the attackers’ three addresses hold the following balances:
Attacker Address 1: 0xC8a65Fadf0e0dDAf421F28FEAb69Bf6E2E589963
- USDT – 33,431,234.90
Attacker address 2: 0x0D6e286A7cfD25E0c01fEe9756765D8033B32C71
- This address is now empty.
Attacker Address 3: 0x5dc3603C9D42Ff184153a8a9094a73d461663214
- This address is now empty.
Cryptocurrency security firm Slowmist claims to have identified the attacker’s mailbox, IP address, and device fingerprints, suggesting they could be close to identifying them, but as of now we have no information to confirm this. For their part, the attacker is dismissing the possibility of being identified in a Q&A they’re holding via Ether transaction notes, where they also explain some of their motivations for hacking Poly Network.
It remains to be seen whether or not the attacker’s confidence here is warranted.
Cryptocurrency hacks are getting harder
The Poly Network hack and subsequent return of funds shows that it’s becoming more difficult to pull off large-scale cryptocurrency theft. That may sound counterintuitive given that this $600 million theft represents the biggest DeFi hack of all time, and that the fast-growing DeFi ecosystem is uniquely vulnerable to hacks. However, cryptocurrency theft is more difficult to get away with than theft of fiat funds. This is due in part to the inherent transparency of blockchains. Whereas criminally obtained fiat currency can be moved through shady bank accounts, with authorities relying on subpoenas and cooperation of financial institutions to trace its path, anyone in the world can view cryptocurrency transactions made on public blockchains.
The growing, highly-engaged cryptocurrency community is constantly enhancing the power of cryptocurrency’s transparency. Within minutes of the hack, crypto twitter was ablaze with updates from countless industry operators, reporters, and anonymous sleuths tracking the attacker’s movement of the funds. It would have been virtually impossible for the attacker to move the funds anywhere without somebody broadcasting it. This paints a promising picture for future cryptocurrency hack responses. With the inherent transparency of blockchains and the eyes of an entire industry on you, how could any cryptocurrency hacker expect to escape with a large cache of stolen funds? In most cases, the best they could hope for would be to evade capture as the funds sit frozen in a blacklisted private wallet.
While we certainly don’t expect every cryptocurrency hack to end with the attacker returning the stolen funds, in this case, it appears Poly Network will get its money back and has also learned about an important vulnerability its team can now patch up. Ultimately, the ecosystem will be stronger for this. All addresses associated with the Poly Network hack have now been labeled in our products. We’ll continue to track the movement of the stolen funds and provide updates of any significant changes.