The hacker behind the massive $610 million heist of PolyNetwork has been offered a top security job… by the same company he stole from.
A week ago, the multi-chain interoperability protocol was at the centre of one of the world’s biggest cryptocurrency hacks.
The programmer behind the attack said the theft was an act of “hacking for good” to “save the project”, and PolyNetwork went on to praise its temporary nemesis by labelling him ‘Mr White Hat’ – a term used to describe hackers who find vulnerabilities in networks and alert companies to them.
The hacker quickly offered to return the stolen funds to PolyNetwork, but may have received more than he expected after being offered a role as the company’s chief security adviser.
PolyNetwork took to a Bloomberg broadcast to explain the unusual offer.
“To extend our thanks and encourage Mr White Hat to continue contributing to security advancement in the blockchain world together with PolyNetwork, we cordially invite Mr White Hat to be the Chief Security Advisor of PolyNetwork,” the company said.
“Again, it is important to reiterate that PolyNetwork has no intention of holding Mr White Hat legally responsible, as we are confident that Mr White Hat will promptly return full control of the assets to PolyNetwork and its users.”
Hacker still has half of the network’s assets
According to the latest information, PolyNetwork is still trying to get all of its clients’ funds back.
The hacker returned half of the stolen assets, but deposited approximately $235 million into a joint account that requires two keys to unlock the funds. One of the keys was given to PolyNetwork, and the hacker possesses the second.
PolyNetwork bosses have been urging Mr White Hat to provide another key so the funds could be accessed, but they are still awaiting a response. The company has even said it would allow him to keep $500,000.
Tom Robinson – co-founder of blockchain forensics firm Elliptic Enterprises Ltd – explained that, while there have been plenty of DeFi hacks, there haven’t been any ongoing conversations between the hacker and the project.
“It seems like the hacker wants to retain some control over the funds,” he said.
“It just feels to me like the hacker has a bit of an ego – he wants to retain some attention.”
Chainalysis researchers are guessing that PolyNetwork’s attitude could be a tactical decision aimed at getting all of their funds back by appeasing Mr White Hat with money, kudos and “impressive” titles.
Gurvais Grigg, global public sector chief technology officer at Chainalysis, believes it is possible that PolyNetwork was implying trust in the attacker in an attempt to convince them to do the right thing and return the funds as soon as possible.
“While it still remains to be seen how this strange story will play out, I can say that this is not typical behaviour of true white hat hackers,” he said.