Poly Network Hacker Reportedly Returns Most of Stolen Funds
Security Experts Point Out Vulnerability in Smart Contract System
The hacker behind the $612 million breach of the blockchain-based Poly Network system has reportedly returned all of the stolen assets except $33 million in frozen Tether, though $238 million of the returned funds remains locked in a multi-signature wallet that cannot release anything until both parties have signed with their keys, the platform says.
Poly Network, launched by the founder of Chinese blockchain project Neo, announced the incident in a series of tweets Tuesday, listing three addresses - on the Ethereum, Binance Smart Chain and Polygon blockchains - to which the money was illicitly transferred. It called the heist the "biggest" in the history of decentralized finance, or DeFi, which relies on blockchain technology for its transactions (see: Poly Network Says $600 Million in Cryptocurrency Stolen).
Poly Network, which allows users to swap tokens across blockchains, initially called on miners of the affected blockchains and on cryptocurrency exchanges to blacklist tokens associated with the theft. All but $33 million worth of Tether - a stablecoin pegged to the U.S. dollar - has reportedly been transferred back to Poly Network. On Tuesday, Tether used a built-in fail-safe to freeze the USDT held at the attacker's address, so those funds can neither be moved nor returned.
Poly Network offered the attacker - whom it is calling "Mr. White Hat," a term traditionally used to describe ethical hackers - a $500,000 bug bounty, which was reportedly refused.
The current status of the affected assets is as follows.
a) Approximately $238 million is currently being transferred to the 3/4 multi-signature wallet, while we still wait for Mr. White Hat to provide his final key authorization.
— Poly Network (@PolyNetwork2) August 13, 2021
The Poly Network hacker is now saying that they were offered a $500k bounty to return the stolen assets - but that they will not be claiming it pic.twitter.com/Dqp2ZhSO47
— Tom Robinson (@tomrobin) August 12, 2021
In a statement shared with Information Security Media Group, Poly Network says: "We would like to thank ['Mr. White Hat' for] his commitment for helping us improve Poly Network's security and hope he will help contribute to the blockchain sector's continued development."
The platform confirms that it will return funds to their original holders once it receives the final key to the jointly held account.
"Moreover, we will further optimize our smart contract system along with cross-chain services before resuming services," the company says.
The asset recovery process began Wednesday, when the hacker began publishing messages embedded in Ethereum transactions, according to a blog post from Tom Robinson, chief scientist at the blockchain analytics firm Elliptic. An initial note from the attacker read, "Ready to return the fund!"
"Either they had always intended to [return the stolen cryptoassets], or the huge attention brought by the hack meant that they were unlikely to be able to spend the funds and were at risk of being apprehended - so returning them was their only real option," Robinson writes.
Embedded in the hacker's Ethereum transactions was also a series of self-interviews, or Q&As, Elliptic's Robinson notes.
In the "interviews," the hacker says he will "never" be exposed - after using temporary and "untraceable" email and IP addresses.
"The Poly Network is a sophisticated system," the hacker writes, adding that he planned a "blitzkrieg" on various networks but had no plans to launder the assets.
On returning the funds, he writes: "That's always the plan! I know it hurts when people are attacked, but shouldn't they learn something from those hacks?
"I would like to give [Poly Network] tips on how to secure their networks, so that they can be eligible to manage the billion [dollar] project in the future," he writes.
The attacker notes, "I enjoyed what I cared [about] most: hacking and guiding … Figuring out the blind spot in the architecture of Poly Network would be one of the best moments in my life."
Q&A part 4 (!) pic.twitter.com/sCNyV0zqYq
— Tom Robinson (@tomrobin) August 11, 2021
Elliptic's Robinson adds, "Despite the return of the funds, the hacker might well still find themselves being pursued by the authorities. Their activities have left numerous digital breadcrumbs on the blockchain for law enforcement to follow."
SlowMist, a Chinese blockchain security firm, said shortly after the attack that it had obtained the attacker's email address, IP address and device fingerprint and was pursuing identity clues. The firm also claimed the hacker used monero - later exchanged for other tokens - to fund the heist, which it believes was "long-planned, organized and prepared."
The firm says the attacker exploited a vulnerability that let them transfer tokens to wallets they controlled. In a blog post, SlowMist says the hacker used the "verifyHeaderAndExecuteTx" function of the "EthCrossChainManager" contract - the function that executes relayed cross-chain transactions on the destination chain - to run specially crafted cross-chain transactions. With carefully constructed data, the firm says, the attacker was able to replace the public keys of the "keeper" role, the signers whose approval the bridge trusts, with keys under their own control, after which they could construct transactions at will and withdraw funds.
Ethereum programmer Kelvin Fichter echoed the findings, saying on Twitter that the attacker appeared to override contract instructions on the three blockchains - replacing the list of trusted public keys with ones whose private keys the attacker held - and ultimately rerouted funds.
One of the biggest design lessons that people need to take away from this is: if you have cross-chain relay contracts like this, MAKE SURE THAT THEY CAN'T BE USED TO CALL SPECIAL CONTRACTS. The EthCrossDomainManager shouldn't have owned the EthCrossDomainData contract.
— God-like Natural Number Creator Person (TM, R) (@kelvinfichter) August 10, 2021
"One of the biggest design lessons that people need to take away from this is: if you have cross-chain relay contracts like this," Fichter writes on Twitter, "make sure that they can't be used to call special contracts."
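The following toy model, added here as an illustration and not Poly Network's code, replays the design flaw SlowMist and Fichter describe: a relay contract that verifies keeper signatures and then dispatches the relayed call to whatever destination contract the transaction names, including the privileged data contract the relay itself owns. Contract and function names (EthCrossChainManager, EthCrossChainData, verifyHeaderAndExecuteTx, the "keeper" role, a LockProxy holding deposits) mirror those named in the text; everything else is an assumption. Keeper signatures are modeled as a set of keeper ids attached to a header (the attacker cannot add an honest keeper's id, but honest keepers attest to any transaction that genuinely occurred on the source chain), the cross-chain call is a direct Python method call with the manager as the caller rather than an ABI-encoded low-level call, and the quorum rule is a BFT-style n - (n - 1) // 3. The `hardened` flag switches on the fix Fichter's tweet calls for: the relay may only call registered application contracts, never the contracts it administers.

```python
from dataclasses import dataclass, field


class Unauthorized(Exception):
    """Raised when an access-control check in the toy contracts fails."""


@dataclass
class CrossChainTx:
    to_contract: str  # destination contract, by registered name
    method: str       # method the manager will invoke on it
    args: tuple


@dataclass
class Header:
    signers: frozenset  # keeper ids attesting to this header
    txs: list = field(default_factory=list)


class EthCrossChainData:
    """Privileged state: the current keeper public keys. Owner-only writes."""

    def __init__(self, owner, keepers):
        self.owner, self.keepers = owner, frozenset(keepers)

    def putCurEpochConPubKeyBytes(self, caller, new_keepers):
        # onlyOwner: the manager is the owner, so anything routed *through*
        # the manager passes this check.
        if caller is not self.owner:
            raise Unauthorized("putCurEpochConPubKeyBytes: caller is not owner")
        self.keepers = frozenset(new_keepers)


class LockProxy:
    """Holds bridged deposits; releases them only on the manager's instruction."""

    def __init__(self, manager, balance):
        self.manager, self.balance, self.paid = manager, balance, {}

    def unlock(self, caller, to, amount):
        if caller is not self.manager:
            raise Unauthorized("unlock: caller is not manager")
        self.balance -= amount
        self.paid[to] = self.paid.get(to, 0) + amount


class EthCrossChainManager:
    """Relay: checks keeper attestation, then executes the relayed tx."""

    def __init__(self, keepers, hardened):
        self.hardened = hardened
        # The manager owns the data contract, the design Fichter criticises.
        self.data = EthCrossChainData(owner=self, keepers=keepers)
        self.targets = {"EthCrossChainData": self.data}  # reachable by name
        self.allowed = set()  # application contracts registered as targets

    def register_target(self, name, contract):
        self.targets[name] = contract
        self.allowed.add(name)

    def _threshold(self):
        n = len(self.data.keepers)
        return n - (n - 1) // 3  # BFT-style quorum (assumption)

    def verifyHeaderAndExecuteTx(self, header):
        # 1. Enough of the *current* keepers must have attested to the header.
        if len(header.signers & self.data.keepers) < self._threshold():
            raise Unauthorized("header not signed by a keeper quorum")
        # 2. Execute each relayed tx with the manager itself as the caller.
        for tx in header.txs:
            self._executeCrossChainTx(tx)

    def _executeCrossChainTx(self, tx):
        if self.hardened and tx.to_contract not in self.allowed:
            # Fix: only registered application contracts may be called; the
            # privileged data contract the manager owns is never a target.
            raise Unauthorized(f"{tx.to_contract} is not an allowed target")
        getattr(self.targets[tx.to_contract], tx.method)(self, *tx.args)


def run_scenario(hardened):
    """Replay the attack path the article describes against one variant."""
    honest = {"keeperA", "keeperB", "keeperC", "keeperD"}
    attacker = "attacker_key"
    mgr = EthCrossChainManager(keepers=honest, hardened=hardened)
    proxy = LockProxy(manager=mgr, balance=612)  # constructed figure
    mgr.register_target("LockProxy", proxy)

    # Step 1: a cross-chain tx aimed at the privileged data contract. Honest
    # keepers attest to it: it did occur on the source chain, and attesting
    # to source-chain events is all they do.
    rotate = CrossChainTx("EthCrossChainData", "putCurEpochConPubKeyBytes", ([attacker],))
    try:
        mgr.verifyHeaderAndExecuteTx(Header(frozenset(honest), [rotate]))
    except Unauthorized as err:
        return {"blocked": str(err), "keepers": mgr.data.keepers,
                "balance": proxy.balance, "paid": proxy.paid}

    # Step 2: the attacker is now the sole keeper and attests to a withdrawal.
    drain = CrossChainTx("LockProxy", "unlock", (attacker, proxy.balance))
    mgr.verifyHeaderAndExecuteTx(Header(frozenset({attacker}), [drain]))
    return {"blocked": None, "keepers": mgr.data.keepers,
            "balance": proxy.balance, "paid": proxy.paid}


if __name__ == "__main__":
    print("vulnerable:", run_scenario(hardened=False))
    print("hardened:  ", run_scenario(hardened=True))
```

Running the vulnerable variant ends with the keeper set reduced to the attacker's key and the proxy drained; the hardened variant stops at step 1 with the data contract untouched. Note that the signature check is not the weak point in either case: the honest keepers' attestation is perfectly valid. The flaw is that a valid attestation of an arbitrary source-chain event is turned into a privileged call on the destination chain, which is why an allow-list of application targets (or simply not having the relay own the data contract) is the fix rather than stronger signature verification.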
Blockchain intelligence firm Chainalysis also writes that once in control of the cryptoassets, the attacker sent certain amounts to the Curve DeFi protocol to "mint" - or validate - 95,269,796 of Curve's 3CRV tokens. Within an hour, the firm says, the 3CRV tokens were "burnt" to receive 96,942,061 of the stablecoin DAI.
"We suspect the attacker's goal was to exchange their holdings of a centralized stablecoin, for a decentralized one like DAI in order to decrease the chances of the funds being frozen," Chainalysis writes.
In addition, during the course of the attack, an entity known as "hanashiro.eth" warned the hacker that specific assets had been blacklisted, according to Blockchain Intelligence Group, which forensically analyzed Poly Network transactions. The "Poly Network Exploiter" responded by sending hanashiro.eth $42,356.69 worth of funds, it says.
Crypto Experts React
On the scale of this DeFi theft, Elliptic's Robinson points out, "These events have demonstrated how difficult it is to profit from theft or any other illicit activity using crypto assets. The transparency of the blockchains allowed crowd-sourced, real-time collaboration between protocol developers, stablecoin issuers, blockchain analytics companies and the wider community, to ensure the hacker would not be able to disappear with the stolen assets."
"This type of exploit certainly won't be the last as funds deposited into smart contracts like this are always exposed to risks associated with how [they] are coded," says David Janczewski, a former new business director for The Royal Mint, the government-owned coin manufacturer that produces currency for the U.K. "[This makes] risk-averse individuals, institutions and regulators uneasy and prevents the inflow of capital into digital assets."
Janczewski, who is the co-founder and CEO of Coincover, which provides disaster recovery options for cryptocurrency businesses, says that unless more security regulations are required in DeFi, "both individuals and organizations will struggle to operate effectively in a space where we have to rely on the good will of hackers to return stolen funds."
The Poly Network breach may also cause both the public and private sectors to heighten collaboration - to identify how criminal and terrorist organizations use the blockchain to transfer both monetary value and illicit communication, says William Callahan, a former U.S. DEA special agent in charge who now serves as the director of government and strategic affairs for Blockchain Intelligence Group, which analyzed this week's cross-chain incident.