Over $600 million is confirmed to have been taken, but the full extent of the damage is still unknown.
- Poly Network has been hacked resulting in over $600 million worth of losses.
- Funds across Ethereum, Binance Smart Chain, and Polygon have been affected.
- The hack appears to be the result of a vulnerability between contract calls.
Cross-chain protocol Poly Network has informed users of an exploit resulting in over $600 million worth of assets being taken by hackers.
The Biggest Hack in Crypto History
In a tweet posted Tuesday, Poly Network revealed that it had fallen victim to a hack resulting in the loss of over $600 million worth of assets across the Binance Smart Chain, Ethereum mainnet, and the Polygon network.
Important Notice:— Poly Network (@PolyNetwork2) August 10, 2021
We are sorry to announce that #PolyNetwork was attacked on @BinanceChain @ethereum and @0xPolygon Assets had been transferred to hacker's following addresses:
Poly Network lists the addresses where funds were transferred to in the same Twitter thread, requesting that miners and crypto exchanges blacklist tokens coming from the hacker’s addresses. Additionally, Poly Network has threatened legal action, urging the hackers to return all assets taken.
Estimates of the amount taken vary, with at least $264 million stolen on Ethereum, $250 million from the Binance Smart Chain, and a further $85 million on Polygon. As Poly Network is a multi-chain protocol used by many projects, the full extent of the damage may not have been identified yet.
As news of the hack circulated online, members of the crypto community were quick to act. Moments before the hacker attempted to deposit the stolen funds into Curve Finance, Tether CTO Paolo Ardoino blacklisted the hacker’s address, freezing the USDT funds. Unfortunately, the hacker still managed to transfer some USDC funds into Curve’s stablecoin pool, making a recovery near impossible.
The Poly Network team have since confirmed in a tweet that the cause of the hack was a vulnerability between contract calls, not a compromised keeper’s key as was previously rumored.
After preliminary investigation, we located the cause of the vulnerability. The hacker exploited a vulnerability between contract calls, exploit was not caused by the single keeper as rumored.— Poly Network (@PolyNetwork2) August 10, 2021
While the Poly Network hack looks to be one of the largest hacks in cryptocurrency history, it may also rank highly compared to the biggest heists of all time. Only one other incident looks to have resulted in more money lost when Saddam Hussein’s son stole $930 million from the Bank of Iraq days before the Iraq invasion in 2003. While not technically heists, exit scams have also resulted in large amounts of cryptocurrency being lost. In June, the founders of the South African exchange Africrypt disappeared with over $3.6 billion worth of Bitcoin, making it one of the biggest thefts in history.