In an unusual twist for the one of the largest cryptocurrency heists ever, a hacker who stole more than $600 million in tokens from blockchain-based platform Poly Network started sending back the stolen funds Wednesday after a slew of cryptocurrency experts and businesses pledged to track the hacker’s crypto wallet on the blockchain and help retrieve the assets.
In a transaction early Wednesday, the hacker said it’s “ready to return the fund!”
Transactions publicly stored on the blockchain show an address belonging to Poly’s hacker started returning the assets through several transactions early Wednesday.
So far, Tom Robinson, the chief scientist at blockchain analytics company Elliptic, says Poly has received about $258 million of the stolen funds, meaning about $350 million in stolen funds have yet to be retrieved.
The alleged hacker has been leaving notes alongside the transactions, which continued throughout Wednesday morning, in one instance saying: “Just dumped all assets on [blockchains] BSC & Polygon. Hacking for Good, I did save the project.”
In another message, the hacker included his cryptocurrency wallet address and asked for donations from those supporting his decision to return the stolen assets, which included about $267 million in ether, $252 million in binance coins and roughly $85 million in USDC tokens on the Polygon network.
The reversal comes after Poly demanded in a string of tweets that the hacker start returning the funds to three cryptocurrency wallet addresses, at one point saying the money stolen belonged to “tens of thousands of crypto community members.”
In an email to Forbes, Robinson confirmed the transactions and said he thinks the hacker beginning to return the funds “demonstrates that even if you can steal cryptoassets, laundering them and cashing out is extremely difficult due to the transparency of the blockchain.”
Tuesday’s hack on Poly marks one of the biggest hacks in cryptocurrency history and is even bigger than the $460 million hack on cryptocurrency exchange Mt. Gox that led to the company’s bankruptcy and heightened regulation in the nascent space about seven years ago. Shortly after the Tuesday morning exploit, Poly urged cryptocurrency miners and exchanges to “blacklist” tokens coming from the hacker’s addresses, and many soon heeded the call. Executives at some of the world’s largest cryptocurrency exchanges—including Huboi, OKEx and Binance—said they were monitoring their platforms for any activity by the hacker. Changpeng Zhao, Binance’s billionaire CEO, said the company, which serves as the primary operator of the blockchain on which binance coins are built, would coordinate with its security partners and “do as much as [it] can” to help. Meanwhile, Jay Hao, the CEO of cryptocurrency exchange OKEx, said the company is “watching the flow of coins and will do [its] best to manage the situation.”
What To Watch For
Legal action—and potential regulation—stemming from the hack. Less than a week ago, SEC Chairman Gary Gensler said booming decentralized finance platforms, also known as DeFi, deserve more government scrutiny and likened the space to the “Wild West.” According to crypto intelligence firm CipherTrace, more than 75% of cryptocurrency hacks this year have been linked to DeFi.
$103 billion. That’s the current market value of all decentralized finance tokens (like Polygon), according to cryptodata website CoinGecko. The space shot past a $100 billion valuation for the first time ever this year and peaked at about $150 billion in May before the broader crypto market crashed nearly 50%.
More Than $600 Million Stolen In Ethereum And Other Cryptocurrencies—Marking One Of Crypto’s Biggest Hacks Ever (Forbes)