The threat actor behind the attack on the Poly Network cross-chain protocol has decided to return the funds they stole. The original attack left the threat actor with $611 million worth of cryptocurrency assets: $273 million worth of Ethereum tokens, $253 million in tokens on Binance Smart Chain, and $85 million in USDC on the Polygon network. The company asked the threat actor to return the funds to avoid law enforcement action, and at the time of writing, the threat actor had returned $260 million worth of stolen cryptocurrency. The attacker has yet to return $269 million on Ethereum and $84 million on Polygon. According to the threat actor, they chose this attack because they saw it as one of the most challenging attacks they could have conducted. The threat actor embedded a Q&A in their attack and stated they did not trust anyone at Poly Network to fix the bug without exploiting it themselves, so they wanted to keep the money in a secure account while the bug was fixed.
It is unclear why the threat actor decided to return the money or whether the rest of the stolen funds will be returned. Companies should have proper communication channels set up so that people can report bugs to the organization without going as far as conducting the attack themselves. Companies should also have the proper defenses in place to identify when attacks are happening, including monitoring such as Binary Defense’s Managed Detection and Response, to find and mitigate attacks quickly.
More can be read here: https://securityaffairs.co/wordpress/121057/hacking/poly-network-hackers.html?utm_source=feedly&utm_medium=rss&utm_campaign=poly-network-hackers