Poly Network confirmed this Monday (23) that the last US$ 200 million (or about R$ 1 billion) of the US$ 643 million stolen from the decentralized finance platform were returned by the hacker, ending a series of facts and twists that surrounded the biggest cryptocurrency theft in history.
In a Twitter post, the Poly Network team thanked the hacker and said they were “ready for a new journey” after confirming access to the latest installment of the stolen funds.
As a result, almost all resources returned to the platform’s domain. Only $33 million in theter (USDT) has yet to return, as it was blocked by the issuer when the attack was reported.
Last August 10th, the hacker exploited a vulnerability in Poly Network’s code and managed to transfer 2,858 ethereum tokens, 6,610 binance coins and US$85 million USDC. In an unprecedented attitude, the platform decided to appeal to the thief, who was called “Mr. White Hat” (in reference to a “good hacker” attitude).
The platform even promised a $500,000 reward to the hacker for helping to identify a flaw in its systems, as well as offering a job as “Chief Security Consultant.” Amidst the upheavals, the attacker held a public conversation with the victim and proceeded to return the stolen resources.
However, there was a problem. More than $200 million worth of ethereum was trapped in an account that required Poly Network and hacker passwords. In recent days, the attacker has refused to give up his password, simply saying that he will only do so when “everyone is ready”. Two weeks after the robbery, the thief ended the soap opera and shared the private key needed to regain control of the remaining assets.
The talks raised the suspicion that it was all a public relations coup. On the other hand, some security experts believe that the attacker may have had difficulty laundering the money since all transactions are logged on the blockchain.