PolyNetwork hacker returns $260M of stolen crypto assets

PolyNetwork hackers have reportedly returned approximately a third of the $610 million they stole in one of the biggest cryptocurrency thefts on record in the growing DeFi sector.

The online thieves agreed to return the whole amount stolen from a decentralised finance protocol PolyNetwork platform, which works as an intermediator in connecting different blockchains so that they can work together.

In a message, the unidentified hackers said that they “just dumped all the assets.”

“Hacking for good, I did save the project,” one hacker added.

However, Tom Robinson, co-founder of blockchain forensics firm Elliptic., said that only around $260 million has been returned so far.

Even though hacking and stealing are criminal deeds, hackers has the arrogance to ask for donations as a reward for returning the funds. So far, they’ve garnered $200, Robinson said.

The hackers also posted their Q&A online saying they attacked the platform only “for fun,” and adding that they took the funds in order “to keep it safe” after spotting a bug in the computer code. The hackers ended the missive saying they will be impossible to trace. “I prefer to stay in the dark and save the world.”

Returning assets as safest option

Blockchain security researcher SlowMist revealed that he discovered the attackers’ email address, IP address and device fingerprint. As thousands of people were affected by the attack, it’s no wonder that the Elliptic, as well as scores of cryptocurrency exchanges and trackers, have been on the hunt since.

Robinson explained: “This demonstrates that even if you can steal crypto-assets, laundering them and cashing out is extremely difficult, due to the transparency of the blockchain and the use of blockchain analytics.”

According to blockchain researcher Chainalysis: “In this case, the hacker concluded that the safest option was just to return the stolen assets.”

The company added that 11 different cryptocurrencies, including $93 million in Ether were stolen and that PolyNetwork was meant to act as a money launderer. The attacker reportedly tried to cash in Dai and USDC coins and converting them all back to Dai, Chainalysis said.

Crypto security firm CipherTrace said that DeFi apps through which let people lend, borrow and trade coins without using intermediaries, recently became frequent targets of attacks. Around $156 million was netted from DeFi-related hacks only during the first five months of the year, surpassing the $129 million stolen in such attacks through all of 2020,