Timeline: Poly Network and the curious case of ‘Mr Whitehat’

When $611mn in crypto assets were stolen from the exchange platform Poly Network, nobody could have predicted the strange way the story unfolded

The biggest cryptocurrency heist of all time happened amidst the most bizarre of circumstances. Over US$611mn of assets were stolen from the Poly Network DeFi platform. There then followed a very public conversation between the hacker and the victim, which played out on Twitter and resulted in all the funds being returned less than two weeks later.

August 10th

$611mn is stolen

Poly Network announces the attack on Twitter in the following tweet: “Important Notice: We are sorry to announce that #PolyNetwork was attacked on @BinanceChain @ethereum and @0xPolygon.”

The assets are transferred to hacker's addresses and consist of: 

  • $273mn Ethereum
  • $253mn BSC
  • $85mn Polygon

August 11th

$260mn is returned

The hacker responds to Poly Network’s appeal from the previous day with a message of their own, which states they carried out the hack to reveal the network’s vulnerabilities. Poly Network announces on Twitter that $260mn of the stolen funds has been returned but that $353 million remains outstanding. 


August 12th

Mysterious Mr. Whitehat opens a conversation

The hacker reveals his nickname as Mr. Whitehat. News agencies report further attempts to return the stolen funds have been made. Coindesk says the hackers have attempted to transfer a portion of the assets from one of the three wallets into liquidity pool Curve.fi. However, the transaction is rejected. An estimated $100 million is also moved out of another of the wallets and is deposited into liquidity pool Ellipsis Finance.


August 13th

Poly Network offers hacker $500,000 

While Mr. Whitehat assures Poly Network of his intentions to return all the stolen assets, the crypto exchange still offers a $500,000 ‘bug’ bounty for the return of the assets, but the next day, he publicly turns the offer down. 


August 17th

Hacker offered a job at Poly Network

Could this story get any weirder? As Poly Network attempts to recover the last $200mn of stolen assets, it offers Mr. Whitehat a job at the company, as its chief security advisor. First, the reward and then a job offer - the exchange platform looks more than a little desperate. 


August 23rd

All assets are returned

All funds are duly returned to Poly Network by the hacker - or hackers. According to Mr. Whitehat, the intention had always been to return the stolen cryptocurrency after highlighting security vulnerabilities. He said in an interview over social media during the event, “That was always the plan! I know it hurts people when they are attacked, but shouldn’t they learn something from it?”

He added, “I didn’t want to cause real panic in the crypto world. I took important tokens and didn’t sell any of them.”


Featured Articles

Visa & Currencycloud: Pioneering cross-border solutions

We speak to Colleen Ostrowski, SVP, Treasurer and GM of Cross-Border Solutions at Visa, about how the company delivers B2B4X cross-border solutions

Cross-blockchain comms enabler Wormhole lands US$225m

Wormhole, the messaging protocol enabling cross-blockchain communications, has raised a staggering US$225m in new funding

Defaqto: Helping clients ‘make smarter financial decisions’

We look at the life and career of John Milliken, CEO of Defaqto – a company known for issuing star ratings, but with far more going on under the hood…

WorldFirst: Why now is time for SMEs to seek trade in Asia

Financial Services (FinServ)

Mastercard webinar: Shaping the Future of Fintech

Financial Services (FinServ)

Embedded finance: Innovating for good

Financial Services (FinServ)