Timeline: Poly Network and the curious case of ‘Mr Whitehat’
The biggest cryptocurrency heist of all time happened amidst the most bizarre of circumstances. Over US$611mn of assets were stolen from the Poly Network DeFi platform. There then followed a very public conversation between the hacker and the victim, which played out on Twitter and resulted in all the funds being returned less than two weeks later.
$611mn is stolen
Poly Network announces the attack on Twitter in the following tweet: “Important Notice: We are sorry to announce that #PolyNetwork was attacked on @BinanceChain @ethereum and @0xPolygon.”
The assets are transferred to hacker's addresses and consist of:
- $273mn Ethereum
- $253mn BSC
- $85mn Polygon
$260mn is returned
The hacker responds to Poly Network’s appeal from the previous day with a message of their own, which states they carried out the hack to reveal the network’s vulnerabilities. Poly Network announces on Twitter that $260mn of the stolen funds has been returned but that $353 million remains outstanding.
Mysterious Mr. Whitehat opens a conversation
The hacker reveals his nickname as Mr. Whitehat. News agencies report further attempts to return the stolen funds have been made. Coindesk says the hackers have attempted to transfer a portion of the assets from one of the three wallets into liquidity pool Curve.fi. However, the transaction is rejected. An estimated $100 million is also moved out of another of the wallets and is deposited into liquidity pool Ellipsis Finance.
Poly Network offers hacker $500,000
While Mr. Whitehat assures Poly Network of his intentions to return all the stolen assets, the crypto exchange still offers a $500,000 ‘bug’ bounty for the return of the assets, but the next day, he publicly turns the offer down.
Hacker offered a job at Poly Network
Could this story get any weirder? As Poly Network attempts to recover the last $200mn of stolen assets, it offers Mr. Whitehat a job at the company, as its chief security advisor. First, the reward and then a job offer - the exchange platform looks more than a little desperate.
All assets are returned
All funds are duly returned to Poly Network by the hacker - or hackers. According to Mr. Whitehat, the intention had always been to return the stolen cryptocurrency after highlighting security vulnerabilities. He said in an interview over social media during the event, “That was always the plan! I know it hurts people when they are attacked, but shouldn’t they learn something from it?”
He added, “I didn’t want to cause real panic in the crypto world. I took important tokens and didn’t sell any of them.”