Timeline: Poly Network and the curious case of ‘Mr Whitehat’

When $611mn in crypto assets were stolen from the exchange platform Poly Network, nobody could have predicted the strange way the story unfolded

The biggest cryptocurrency heist of all time happened amidst the most bizarre of circumstances. Over US$611mn of assets were stolen from the Poly Network DeFi platform. There then followed a very public conversation between the hacker and the victim, which played out on Twitter and resulted in all the funds being returned less than two weeks later.

August 10th

$611mn is stolen

Poly Network announces the attack on Twitter in the following tweet: “Important Notice: We are sorry to announce that #PolyNetwork was attacked on @BinanceChain @ethereum and @0xPolygon.”

The assets are transferred to hacker's addresses and consist of: 

  • $273mn Ethereum
  • $253mn BSC
  • $85mn Polygon

August 11th

$260mn is returned

The hacker responds to Poly Network’s appeal from the previous day with a message of their own, which states they carried out the hack to reveal the network’s vulnerabilities. Poly Network announces on Twitter that $260mn of the stolen funds has been returned but that $353 million remains outstanding. 


August 12th

Mysterious Mr. Whitehat opens a conversation

The hacker reveals his nickname as Mr. Whitehat. News agencies report further attempts to return the stolen funds have been made. Coindesk says the hackers have attempted to transfer a portion of the assets from one of the three wallets into liquidity pool Curve.fi. However, the transaction is rejected. An estimated $100 million is also moved out of another of the wallets and is deposited into liquidity pool Ellipsis Finance.


August 13th

Poly Network offers hacker $500,000 

While Mr. Whitehat assures Poly Network of his intentions to return all the stolen assets, the crypto exchange still offers a $500,000 ‘bug’ bounty for the return of the assets, but the next day, he publicly turns the offer down. 


August 17th

Hacker offered a job at Poly Network

Could this story get any weirder? As Poly Network attempts to recover the last $200mn of stolen assets, it offers Mr. Whitehat a job at the company, as its chief security advisor. First, the reward and then a job offer - the exchange platform looks more than a little desperate. 


August 23rd

All assets are returned

All funds are duly returned to Poly Network by the hacker - or hackers. According to Mr. Whitehat, the intention had always been to return the stolen cryptocurrency after highlighting security vulnerabilities. He said in an interview over social media during the event, “That was always the plan! I know it hurts people when they are attacked, but shouldn’t they learn something from it?”

He added, “I didn’t want to cause real panic in the crypto world. I took important tokens and didn’t sell any of them.”


Featured Articles

FinTech LIVE New York – Reasons to Attend

Returning June 2024, FinTech LIVE New York will be the ultimate event to connect the world’s influential fintech leaders in North America

FinTech LIVE New York – One Month to Go!

Just one more month to go until FinTech LIVE New York, don’t miss out on attending the ultimate virtual event for fintech leaders in North America

The Global FinTech Awards: The Categories – Part 3

Discover the awards that your company, executive or project could be honoured with at The Global FinTech Awards 2024

SUBMISSIONS EXTENSION: The Global FinTech Awards 2024

Tech & AI

Joel Perlman, Co-founder, OakNorth joins FinTech LIVE London

Financial Services (FinServ)

The Global FinTech Awards: The Categories – Part 2

Financial Services (FinServ)