Poly Network hack exposes Defi rug pulls flaws, Be aware

Poly Network hack exposes Defi rug pulls flaws, Be aware

Disclosure News
August 18, 2021 by Delnia
626
The initial motivations of the Defi rug pull hacker are unknown. However, they declined to take a $500,000 reward after returning all-cash. Although it appeared that crypto hacks were on the decline, the market recently witnessed one of the largest-ever attacks in the young history of decentralized finance (Defi). So an unknown hacker exploited a loophole in the digital framework of the Poly Network cross-chain protocol and took away $610 million from three different Blockchains.
Poly Network hack exposes Defi rug pulls flaws, Be aware

Ontology, Neo, and Switcheo are leading a joint effort called the Poly Network. Its goal is to create a “heterogeneous interoperability protocol coalition” that will integrate Blockchains into a broader cross-chain ecosystem. The protocol’s architecture enables users to transfer tokens across multiple Blockchains effortlessly.

Poly Network’s core developer team has further elaborated on the development, revealing that the attack resulted in the theft of $273 million from Ethereum, $85 million from the Polygon network, and $253 million from the Binance Smart Chain. In addition, the attack resulted in the loss of significant quantities of renBTC, wrapped Bitcoin (BTC), and wrapped Ether (width). 

Stay with Antidolos Blockchain news to learn more about “Defi rug pulls flaws”

Intelligent contract interactions

One of Poly Network’s sub-systems — meant to be capable of transmitting users’ intelligent contract interactions among multiple Blockchains — turned out to be defective, according to Anton Bukov, co-founder of Defi rug pulls aggregator 1inch Network, who added:

The hacker created a system contract on another chain by bridging false transaction interactions and transferring ownership rights for the assets’ vault to the hacker’s public key. The issue went unnoticed by Poly Network’s developers and auditors, allowing for many arbitrary users calls via a smart contract with various privileges.

Antidolos ICO IEO rating and review will say more about this news. Stay with us.

Putting on a white hat for Defi rug pulls

John Jefferies, CipherTrace’s principal financial analyst, told Antidolos that this event is particularly fascinating when contrasted to previous Defi rug pulls breaches, which generally employed a type of flash loans and arbitrage to exploit a smart contract and steal cash, adding:

In essence, the hacker identified a flaw that allowed him to bypass the private keys and have the contract send the money straight to himself. The hacker appears to have reused a wallet that had had past transactions with several big exchanges that would have identifiable KYC information on him in all of their switching in an effort to conceal their trail.”

Moreover, even though all of the stolen monies have been returned to their rightful owners, Jefferies isn’t fully persuaded of the hacker’s intentions. He believes that if a white hat had always meant to return the money, they would not have endeavored to obscure the fund’s trail.

Soon after the breach, the Poly Network hacker performed an Ask Me Anything-style self-interview using embedded messages in Ethereum transactions, which was a weird but intriguing turn of events. When asked why the Poly Network was chosen as a target, the Defi rug pulls hacker replied, “cross-chain hacking is hot,” adding that they spent a significant amount of time attempting to find vulnerabilities.

Hackers have no plan to keep the $610 million

Furthermore, the hacker claimed that the plan was never to keep the $610 million. But to publicize the vulnerability before Poly Network’s developers could secretly fix the bug. I’d want to give them [Poly Network] some advice on how to protect their networks in the future so that they can manage a billion-dollar project. “In addition,” he said, I’d like to add:

When I initially noticed the bug, I had mixed feelings. Consider what you would do if you were given such a chance—inquiring respectfully with the project team to see if they can help? Given a billion dollars, anyone might be a traitor. Nobody can I put my faith in! Saving it in a trustworthy account is the only approach I can think of.

Defi Rug Pulls and the funds are back

Poly Network announced on Thursday that all $610 million of the assets had been moved to a multi-sig wallet under its control. As well as the hackers. The only surviving tokens are $33 million worth of Tether (USDT). Locked as soon as the Defi rug pulls hack was revealed.

The Poly Network hacker began by returning a substantial amount of the stolen cash to the Defi protocol. A cross-chain cross-chain cross-chain cross-chain cross-chain cross-chain cross-chain cross-chain cross-chain cross-chain cross-chain cross. In fact, CipherTrace confirmed more than a day after the incident that at least $ 265 million was returned to Poly Network in the form of $ 1 million in USDC; $256.2 million mainly via Bitcoin BEP-2 (BTCB), Binance Pegged-Ether. And Binance USD (BUSD); $2.637 million in USDC; and $2.637 million in USDC.

The attacker stated from the start that he was willing to restore all of the stolen cash. A promise that kept this past Thursday. And that the goal was to teach Poly a costly lesson about its security vulnerabilities. Do you want more data about Poly Network hack exposes Defi rug pulls flaws? Stay with us untill the end of this article.

Blockchain analytics firm Elliptic

According to Tom Robinson, the chief scientist at Blockchain analytics firm Elliptic. The hacker’s change of heart may have been due to the Blockchain’s transparency. Making it extremely difficult for the hacker to launder/cash out the stolen assets.

While thefts are never a good thing, Sebastian Bürgel. The founder of Ethereum-based data privacy protocol HOPR. He told Cointelegraph that the Defi community came together to prevent the hacker from withdrawing or exchanging any of the stolen funds — from Tether freezing $33 million worth of USDT to OKEx. And Binance lending a helping hand in monitoring the siphoned funds.

It hoped that this would lead to a stronger emphasis on security and audits. While Defi rug pulls zeal is contagious, it’s vital to realize that there’s a lot of money on the line. The urge to move swiftly cannot take precedence over security.

No, thank you,” says “Mr. White Hat

After determining that the hacker’s motives were pure. A Poly Network spokesperson said the company was willing to offer the individual.

Surprisingly, the hacker respectfully declined, claiming he had never received the offer before. He signed off by saying, “I will return all of their money back.

With all of the cash restored, except for the frozen USDT. It looks that the biggest hack in the history of decentralized finance has finally come to an end. Even though the hacker’s identity is still unknown. Chinese cybersecurity firm SlowMist recently issued an update stating that its security team was able to identify the attacker’s email address. IP address, and device fingerprint.

Hopefully, this incident serves as a stark reminder of the necessity of security while setting the groundwork for any endeavor. Regardless of its technological promise. As a result, it will be fascinating to observe how Defi rug pulls startups and other companies to grow. And update their current security settings because the hacker may be hesitant to refund the money the next time around.

Sum-up about Defi rug pulls

We are always trying and improving our work and you can also find the latest uncensored Cryptocurrency news and high-tech updates in Antidolos. If you are interested in this kind of news. Please share your comments and ideas here at Antidolos Cryptocurrency news. Also, we would love to have more connections with you and help you to Request analysis ICO on the top Cryptocurrency news website.

References:
https://cointelegraph.com/news/poly-network-hack-exposes…

https://cointelegraph.com/news/how-do-defi-protocols…
https://cointelegraph.com/news/hackers-stole-at-least-600m…

1 Comment

  • Rozitta

    What is Defi rug pulls? I love hack stuff and always follow your article about Poly Network hack. Antidolos Cryptocurrency news is the best.

Add a comment