Poly Network says virtually all of the crypto-currency funds, valued at $610m, stolen from it by a thief have been returned.
The mysterious crook siphoned off the dosh earlier this month by exploiting a vulnerability in the Chinese exchange’s smart contracts that handle the movement of tokens between blockchains.
The thief, dubbed Mr White Hat by Poly Network, promised to hand the funds back, claiming it was just done for fun and to highlight the security flaw. A portion was given back earlier this month, and the rest has been returned, apparently. The coins will be funneled back to their rightful owners – Poly Network’s users stiffed in the record-breaking cyber-heist.
Specifically, some of the remaining funds were held in a wallet that could only be unlocked with the binary bandit’s help; the private key needed to access those funds was given up to Poly some hours ago.
“Poly Network has successfully retrieved the remaining 28,953 ETH and 1,032 WBTC (about $141m),” the outfit said today.
“At this point, all the user assets that were transferred out during the incident have been fully recovered. Thanks to Mr White Hat’s cooperation, Poly Network has officially entered the fourth phase of our roadmap: asset recovery. We are in the process of returning full asset control to users as swiftly as possible.”
According to messages embedded in transaction metadata by the thief, the miscreant has also returned the $500,000 bounty Poly paid for more details about the robbery as well as donations the crook received.
“Keep calm and this is the happy ending,” the rogue wrote. “I have to admit that my wild or mad behaviours have led crises to your project, your team or even your lives. Sorry for the inconvenience.
“I’m quitting the show. Believe it or not I never considered the shared wallet as the ‘hostage’ for ransom. As you may have noticed I have poured your bounty and my compensation fund from donations into the shared multisig wallet. Not sure it’s convenient, but distributing the extra assets to the ‘survivors’ would be the last request from this man.”
The only outstanding funds are $33m frozen by Tether soon after the digital larceny became apparent. Efforts are underway to unfreeze the digicash and return it to its owners.
So what next for the mystery miscreant? Well, even though the money has been returned, a crime was committed and the police may be keen to unmask the person as well as businesses. Blockchain security outfit Slowmist boasted earlier it had discovered “the attacker’s mailbox, IP, and device fingerprints through on-chain and off-chain tracking,” and others may be on the thief’s tail.
“I think that what happens next is largely up to law enforcement,” Tom Robinson, chief scientist at blockchain analysis house Elliptic, told The Register.
“There are certainly plenty of blockchain clues to start from, if they decide to pursue the person involved. Building secure decentralized applications is very challenging, and this person could be a very valuable resource. I’m sure many people would be keen to employ them, in the right circumstances.” ®