Poly Network, the cryptocurrency exchange that lost $610 million in a hack earlier this week, said on Friday that it had offered a $500,000 “bug bounty” to the hacker or hackers. It hailed the hacker, whom it branded a “white hat,” for “helping us improve Poly Network’s security,” in a statement. “White hat” is industry lingo for an ethical hacker who normally wants to uncover cyber weaknesses.
The network also expressed its hope that “Mr. White Hat” would contribute to the future growth of the blockchain sector by accepting the $500,000 incentive it had given as part of the digital currency’ repatriation talks. The payment method for the $500,000 was not specified in the announcement (roughly Rs. 3.7 crores). The hacker had reacted to the offer, but it was unclear whether it had been accepted.
Tom Robinson, the chief scientist and co-founder of crypto monitoring business Elliptic revealed digital messages on Twitter showing a person claiming to have carried out the attack had indicated Poly Network had offered him the bounty to restore the stolen assets.
Poly Network is a decentralized finance (DeFi) network that supports peer-to-peer transactions with a focus on allowing users to move or trade tokens across multiple blockchains. According to blockchain forensics firm Chainalysis, the as-yet-unidentified hacker or hackers appear to have exploited a vulnerability in the digital contracts Poly Network utilizes to shift assets between multiple blockchains.
According to a statement released on Friday, the hacker has returned $340 million (approximately Rs. 2,520 crores) in assets and transferred the majority of the remaining funds to a digital wallet shared by them and Poly Network. The remaining, held in tether, was frozen by the stablecoin’s cryptocurrency backers.
“After speaking with Mr. White Hat, we have gained a better understanding of how the incident transpired as well as Mr. White Hat’s original goal,” the statement added, without going into detail.
On Tuesday, Poly Network revealed the hack, but the next day, the hackers said they had begun restoring the digital currency they had seized. In digital letters released by Elliptic, the hackers said they carried out the attack for fun and that returning the tokens was always the goal.
However, other blockchain experts believe it would have been too difficult to launder stolen cryptocurrency on such a large scale.