The cryptocurrency company that was the subject of a huge hack is now asking the hacker behind it to join the firm as an advisor and offering a $500,000 prize for the restoration of user cash.
Poly Network, a cryptocurrency network, was struck by a massive attack last week, with hackers stealing more than $600 million worth of tokens.
The Poly Network, a so-called decentralized finance or “DeFi” initiative, was the victim of a massive attack last week in which the hacker or hackers stole more than $600 million in tokens.
The Poly Network enables users to transfer tokens between digital ledgers. Someone took advantage of a vulnerability in Poly Network’s programming to move the funds to their own cryptocurrency wallets.
It is thought to be the largest cryptocurrency heist in history, surpassing the $534.8 million in digital currencies stolen from the Japanese exchange Coincheck in 2018 and the estimated $450 million in bitcoin stolen from the Tokyo-based exchange Mt. Gox in 2014.
In the instance of Poly Network, the hacker took the extraordinary step of returning the majority of the stolen funds. The cryptocurrency has now been returned in whole, with the exception of $33 million.
However, over $200 million of the assets are presently locked in an account that requires both Poly Network and the hacker’s credentials to access.
The Poly Network has appealed to the hacker, dubbed “Mr. White Hat,” to supply the password — referred to as a “private key” — required to retrieve the funds.
The term “Mr. White Hat” refers to ethical hackers who look for weaknesses in businesses’ systems that might be exploited. Security specialists have questioned the Poly Network attacker’s classification as a white hat hacker.
The hacker’s motivation for delaying access to the final tranche of assets is unknown. The hacker, according to an unnamed source, has merely stated that they would release the key when “everyone is ready.”
The Poly Network offered a $500,000 “bug reward” last week in exchange for returning all of the money. Typically, such bounties are awarded to individuals who report bugs in order to assist businesses in identifying and resolving problems before they are exposed to the wider public.
Initially, the hacker declined the bounty offer. However, in a message contained in a Monday digital currency transaction, the hacker stated, “I am contemplating offering a reward as a bonus to public hackers who can breach the Poly Network.”
Poly Network stated Tuesday that it intended to perform a “major system upgrade” to prevent such attacks in the future, but would be unable to do so until all remaining assets were recovered.
The group stated that its pledge to award “Mr. White Hat” with a $500,000 bounty remains intact, and it has even asked the hacker to serve as its “chief security advisor.”
“To express our gratitude and to urge Mr. White Hat to continue advancing security in the blockchain industry alongside Poly Network, we kindly welcome Mr. White Hat to join Poly Network as Chief Security Advisor,” the company said in a statement.
“Poly Network previously offered a $500,000 bug bounty to Mr. White Hat, but he declined and publicly said that he contemplated donating it to members of the technical community who have contributed to blockchain security,” Poly Network noted.
“We completely respect Mr. White Hat’s viewpoints, and to show our appreciation, we will send the $500,000 bounty to a wallet address designated by Mr. White Hat, where he may spend it as he sees fit for the cause of cybersecurity and to empower other projects and individuals.”
The Poly Network stated that it “had no intention of prosecuting Mr. White Hat” for the attack.