by Lydia Ludmila 
- Heist surpasses the estimated $450 million worth of Bitcoin stolen from Mt. Gox
- Last $200 million locked, passwords from both the hacker and Poly Network for access needed
- Poly Network to implement “significant system upgrade”
DeFi project Poly Network promised the hacker, who made off with more than $600 million worth of tokens last week, a $500,000 bounty to restore the funds and offered them the position of “chief security advisor,” CNBC reported. The hacker has returned most of them with the exception of about $200 million, which they will also give back, but not until “everyone is ready.”
“Biggest heist of all time”
Poly Network, a so-called decentralized finance or “DeFi” project, allows its customers to switch tokens between digital ledgers. The hacker took advantage of a flaw in the code, letting them transfer the assets to their own crypto wallets.
The crypto heist surpassed the $534.8 million stolen from Coincheck in a 2018 attack and the estimated $450 million worth of Bitcoin (BTC/USD) stolen from Mt. Gox, another Japan-based exchange, in 2014. This is a rare time, in which a hacker will return the stolen funds. The remaining $200 million is locked in an account that requires passwords from both the hacker and Poly Network to gain access.
What is white hat hacking?
“White Hat” refers to ethical hackers who exploit system vulnerabilities with the purpose of bringing about improvement. In this case, it’s not clear why the perpetrator is withholding access to the last part of the money. Platforms only offer rewards to people who report bugs to help them identify and resolve flaws before the public gets wind of them.
Significant upgrades in store for Poly
Poly Network hopes to implement a “significant system upgrade” to stop this from ever happening again, but this can’t take place before the hacker makes payment of the last tranche. According to the group, the offer of $500,000 bounty still stands. They even invited the hacker to take a position as “chief security advisor,” saying:
“To extend our thanks and encourage Mr. White Hat to continue contributing to security advancement in the blockchain world together with Poly Network, we cordially invite Mr. White Hat to be the Chief Security Advisor of Poly Network. Poly Network previously promised to reward Mr. White Hat with a $500,000 bug bounty, but he did not accept it and has publicly stated that he has considered offering it to the technical community who have made contributions to blockchain security.”
