Timeline: Poly Network and the curious case of ‘Mr Whitehat’

When $611mn in crypto assets were stolen from the exchange platform Poly Network, nobody could have predicted the strange way the story unfolded

The biggest cryptocurrency heist of all time happened amidst the most bizarre of circumstances. Over US$611mn of assets were stolen from the Poly Network DeFi platform. There then followed a very public conversation between the hacker and the victim, which played out on Twitter and resulted in all the funds being returned less than two weeks later.

August 10th

$611mn is stolen

Poly Network announces the attack on Twitter in the following tweet: “Important Notice: We are sorry to announce that #PolyNetwork was attacked on @BinanceChain @ethereum and @0xPolygon.”

The assets are transferred to hacker's addresses and consist of: 

  • $273mn Ethereum
  • $253mn BSC
  • $85mn Polygon

August 11th

$260mn is returned

The hacker responds to Poly Network’s appeal from the previous day with a message of their own, which states they carried out the hack to reveal the network’s vulnerabilities. Poly Network announces on Twitter that $260mn of the stolen funds has been returned but that $353 million remains outstanding. 


August 12th

Mysterious Mr. Whitehat opens a conversation

The hacker reveals his nickname as Mr. Whitehat. News agencies report further attempts to return the stolen funds have been made. Coindesk says the hackers have attempted to transfer a portion of the assets from one of the three wallets into liquidity pool Curve.fi. However, the transaction is rejected. An estimated $100 million is also moved out of another of the wallets and is deposited into liquidity pool Ellipsis Finance.


August 13th

Poly Network offers hacker $500,000 

While Mr. Whitehat assures Poly Network of his intentions to return all the stolen assets, the crypto exchange still offers a $500,000 ‘bug’ bounty for the return of the assets, but the next day, he publicly turns the offer down. 


August 17th

Hacker offered a job at Poly Network

Could this story get any weirder? As Poly Network attempts to recover the last $200mn of stolen assets, it offers Mr. Whitehat a job at the company, as its chief security advisor. First, the reward and then a job offer - the exchange platform looks more than a little desperate. 


August 23rd

All assets are returned

All funds are duly returned to Poly Network by the hacker - or hackers. According to Mr. Whitehat, the intention had always been to return the stolen cryptocurrency after highlighting security vulnerabilities. He said in an interview over social media during the event, “That was always the plan! I know it hurts people when they are attacked, but shouldn’t they learn something from it?”

He added, “I didn’t want to cause real panic in the crypto world. I took important tokens and didn’t sell any of them.”


Featured Articles

First Citizens Bank in rescue deal for Silicon Valley Bank

First Citizens Bank, which has completed more than 15 acquisitions of stricken US banks since 2009, has stepped in to take over SVB

Banks are capping crypto spending, but are they right to?

Several banks in the UK are limiting the amount of money that account holders can transfer to crypto exchanges. Is the move justified, or an overreach?

UBS agrees to rescue troubled Swiss bank Credit Suisse

UBS has agreed to rescue its troubled Swiss banking peer Credit Suisse, a move that has been welcomed by the Swiss National Bank and ECB alike

Credit Suisse gets $50bn emergency finance from central bank


Regulators race to salvage collapsed Silicon Valley Bank


Stripe's UK Head of Engineering talks 'women in fintech'

Digital Payments