Skip to main content

Hackers Steal $600 Million in Crypto From DeFi Site Poly Network

DeFi piggy bank with Bitcoin
(Image credit: Shutterstock)

A decentralized finance (DeFi) company called Poly Network today announced that hackers were able to steal as much as $600 million worth of various cryptocurrencies managed on the Binance Smart Chain, Ethereum, and Polygon blockchains.

This could be one of the largest cryptocurrency-related hacks to date, CoinDesk reported, if the entirety of that $600 million in assets managed on those chains was in fact compromised. Poly Network didn't share information about how much was stolen, but it did share the kinds of cryptocurrency stolen by the hackers.

That list includes:

  • Wrapped Bitcoin (WBTC)
  • Wrapped Ethereum (WETH)
  • RenBTC
  • Dai
  • Uniswap (UNI)
  • Shiba Inu (SHIB)
  • FEI
  • USD Coin (USDC)

Poly Network shared a list of wallets associated with the theft and urged "miners of affected blockchain and crypto exchanges" as well as "token issuers" to "blacklist assets coming from" those addresses to prevent the stolen coins from being spent. At least some of those groups, such as Tether, have complied with that request.

Poly Network's announcement came shortly after Reuters reported that "losses from theft, hacks, and fraud" in the DeFi industry reached "a record $474 million from January to July," according to a study conducted by CipherTrace. This hack could have more than doubled those figures over the course of a single morning.

Much of the response to this hack has played out on Twitter. "HsakaTrades" reported that the hacker is tipping people who offer them useful information, and showed that many people are messaging the hacker to congratulate them on the heist. But some of those celebrations may have been premature.

The Block reported that a blockchain security firm called SlowMist claimed to have "tracked down the attacker's ID" as well as "their email address, IP information and device fingerprint." It might not be long before the hacker is forced to return what they stole and, presumably, face criminal charges for the $600 million theft.

  • Phaaze88
    Other currencies are stolen in vast quantities worldwide.
    This feels to me like one of those water is wet things.
    Reply
  • Blacksad999
    Yes, regular currency often gets stolen, but proportionally it happens significantly more often with Crypto. It's incredibly rare for a Bank have 600 million stolen, and even then there are safeguards in place. If someone wipes out your Crypto wallet, who are you going to call, exactly? Nobody, that's who.
    Reply
  • Phaaze88
    I dunno... some of the other currencies have been around much longer...
    Reply
  • spongiemaster
    Blacksad999 said:
    Yes, regular currency often gets stolen, but proportionally it happens significantly more often with Crypto.
    Not sure about that. I know far more people who have had their real wallet stolen or lost than their crypto wallet.
    Reply
  • 2Be_or_Not2Be
    spongiemaster said:
    Not sure about that. I know far more people who have had their real wallet stolen or lost than their crypto wallet.

    I know far more people who have never heard of a "crypto wallet" than ones who do know. ;)
    Reply
  • spongiemaster
    2Be_or_Not2Be said:
    I know far more people who have never heard of a "crypto wallet" than ones who do know. ;)
    Proportionally. I know quite a few people dabbling in crypto and not a single person personally who has had their crypto wallet stolen. I think it is safe to say, most people have had money stolen from them at some point in their life.
    Reply
  • Jim90
    spongiemaster said:
    Proportionally. I know quite a few people dabbling in crypto and not a single person personally who has had their crypto wallet stolen. I think it is safe to say, most people have had money stolen from them at some point in their life.

    If this happened to a regular bank there would be a difference in outcome for the account owners.
    Reply
  • avg9956
    Its really because there's a lack of security involved with those DeFi blockchain networks. The attack vector often involves the smart contract when crypto transactions are made (i.e. staking/lending/transferring/withdrawing/depositing/etc.) and some exploit in the code. If only the custodian of the cryptocurrency is secure, then this should never have happened.

    Here is an analysis of the said attack: analysis of the said attackThese sort of attacks have happened multitude of times , most especially if your wallet is connected to a DeFi service while you're doing any kind of transaction with crypto. If you're holding crypto, always best to store it on a cold wallet instead, disconnected from the internet.
    Reply