Online theft has become very common these days in the world, thanks to the COVID-19 pandemic. Now in the latest case, hackers who were responsible for doing the biggest ever cryptocurrency heists have returned more than a third of $613 million in digital coins they stole, the company at the center of the hack said.
Poly Network, a decentralised finance platform that facilitates peer-to-peer transactions, said on Twitter that $260 million were stolen and it had been returned but that $353 million was outstanding.
The company, which lets users swap tokens across different blockchains, said it had been hacked and urged the culprits to return the stolen funds, threatening legal action.
The hackers further exploited a vulnerability in the digital contracts Poly Network uses to move assets between different blockchains, according to blockchain forensics company Chainalysis.
A person claiming to have perpetrated the hack said they did it “for fun” and wanted to “expose the vulnerability” before others could exploit it, according to digital messages shared by Elliptic, crypto tracking firm, and Chainalysis.
It was “always the plan” to return the tokens, the purported hacker wrote, adding: “I am not very interested in money.”
Unfortunately, the hacker or the group of hackers have not been identified yet.
Tom Robinson, co-founder of Elliptic, said the decision to return the money could have been prompted by the headaches of laundering stolen crypto on such a scale.
An executive from cryptocurrency firm Tether said on Twitter the company had frozen $33 million connected with the hack, and executives at other crypto exchanges told Poly Network they would also try to help.
“Even if you can steal cryptoassets, laundering them and cashing out is extremely difficult, due to the transparency of the blockchain and the broad use of blockchain analytics by financial institutions,” said Robinson.
The size of the theft was comparable to the $530 million in digital coins stolen from Tokyo-based exchange Coincheck in 2018. The Mt. Gox exchange, also based in Tokyo, collapsed in 2014 after losing half a billion dollars in bitcoin.
The Poly Network attack comes as losses from theft, hacks and fraud related to decentralised finance (DeFi) hit an all-time high, according to crypto intelligence company CipherTrace.
At $600 million, however, the Poly Network theft far outstripped the $474 million in criminal losses CipherTrace said were registered by the entire DeFi sector from January to July. The thefts illustrated risks of the mostly unregulated sector and may attract the attention of regulators.