1. BITBILIHome
  2. Article

Poly Network temporarily halts services after another hack

29 views

TL;DR Breakdown

  • The exploit involved manipulating a smart contract function on the platform’s cross-chain bridge protocol, leading Poly Network to temporarily suspend its services. 
  • Although the exact amount stolen in the attack was not specified by Poly Network, it was reported that the hacker transferred at least $5 million worth of crypto.
  • Binance CEO Changpeng Zhao reassured customers that the attack would not affect Binance users, as they do not support deposits from the Poly Network.

Description

The cross-chain bridge platform Poly Network fell victim to a major attack, resulting in a hacker being able to generate billions of tokens for profit on July 2. The exploit involved manipulating a smart contract function on the platform’s cross-chain bridge protocol, leading Poly Network to temporarily suspend its services. The attack affected 57 different … Read more

The cross-chain bridge platform Poly Network fell victim to a major attack, resulting in a hacker being able to generate billions of tokens for profit on July 2. The exploit involved manipulating a smart contract function on the platform’s cross-chain bridge protocol, leading Poly Network to temporarily suspend its services. The attack affected 57 different crypto assets across 10 blockchains, including Ethereum, BNB Chain, Polygon, Avalanche, Heco, OKx, and Metis.

Although Poly Network did not specify the exact amount stolen in the attack, it was reported that the hacker transferred at least $5 million worth of cryptocurrencies. In response to the incident, Poly Network initiated communication with centralized exchanges and law enforcement agencies, seeking their assistance in resolving the issue. The project team also advised other project teams and token holders to withdraw liquidity and unlock their LP tokens.

According to a DeFi security analyst, the exploit was a result of a smart contract vulnerability that allowed the hacker to craft a malicious parameter containing a fake validator signature and block header. This parameter was accepted by the smart contract, bypassing the verification process and enabling the hacker to issue tokens from Poly Network’s Ethereum pool to their address on other chains, such as Metis, BNB Chain, and Polygon. This process was repeated across multiple chains, resulting in the accumulation of a significant token stash.

Poly Network hack

At one point, the hacker’s wallet held approximately $42 billion worth of tokens, but they were only able to convert and steal a fraction of that amount. The attack has been called the “34 billion Poly Network hack” by blockchain security solutions provider Dedaub, highlighting weaknesses in the protocol’s multi-signature arrangement. Dedaub discovered that the private keys to the compromised addresses were compromised, emphasizing the need for more robust security measures.

Dedaub also noted that the attack was not complex and did not exploit any logic bugs. However, Poly Network’s response to the attack was criticized for being slow, taking seven hours, and resulting in a cost of $5.5 million in stolen crypto. Fortunately, a lack of liquidity in many of the tokens prevented further losses.

Binance CEO Changpeng Zhao reassured customers that the attack would not affect Binance users, as they do not support deposits from the Poly Network. This incident marks the second major attack on Poly Network, with the previous one occurring in August 2021, where hackers linked to the North Korean hacking collective, the Lazarus Group, made off with over $600 million.

Disclaimer. The information provided is not trading advice. Cryptopolitan.com holds no liability for any investments made based on the information provided on this page. We strongly recommend independent research and/or consultation with a qualified professional before making any investment decisions.

文章来源于互联网:Poly Network temporarily halts services after another hack

Disclaimers:

1. You are solely responsible for your investment decisions and this info is not liable for any losses you may incur.

2. The copyright of this article belongs to the writer, it represents the writer's opinions only, not represents the site's ones. Not financial advice.

Previous 2023年7月5日 05:38
Next 2023年7月5日 08:10

Related articles

  • The U.S. Advisory on Payment App Risks and Bitcoin’s Position as a Secure Alternative

    TL;DR Breakdown U.S. advisory warns about the risks of storing funds in payment apps like PayPal, Venmo, Zelle, and Payoneer, as they lack the same protections as traditional banks and credit unions. Bitcoin emerges as a secure alternative due to its decentralized nature, providing users with sole ownership and control over their funds. Recently, the Consumer Financial Protection Bureau (CFPB), a prominent U.S. government agency responsible for safeguarding consumer interests in the financial sector, issued a warning about the potential risks associated with storing funds in payment apps such as PayPal, Venmo, Zelle, and Payoneer. The advisory emphasizes that funds held in these payment apps may not benefit from federal deposit insurance, leaving consumers vulnerable to financial uncertainty in case of app failures or bankruptcy.  This advisory has sparked discussions about the security of alternative options, with Bitcoin emerging as a potential secure alternative due to its decentralized nature and user control over funds. This article delves into the U.S. advisory on payment app risks and explores Bitcoin’s growing adoption and its position as a secure alternative in the context…

    Article 2023年6月8日

  • US government suspected of owning $2.46 billion in Bitcoin

    TL;DR Breakdown The US Government is suspected of controlling the fifth-largest Bitcoin wallet globally, with holdings equivalent to $2.46 billion. Investigations found a link between the hack’s seizure address and the wallet’s owner, with notable transfers of significant BTC amounts. In 2022, the US Department of Justice recovered about $3.55 billion in stolen Bitcoin from the said account. Description Recent findings suggest that the US Government might control the global fifth-largest Bitcoin (BTC) wallet, containing 94,643 BTC, equivalent to $2.46 billion. This revelation came from the esteemed cybersecurity firm, Peckshield. The wallet is believed to have direct ties to the 2016 Bitfinex hack. Investigations have unveiled a connection between the hack’s seizure address and … Read more Recent findings suggest that the US Government might control the global fifth-largest Bitcoin (BTC) wallet, containing 94,643 BTC, equivalent to $2.46 billion. This revelation came from the esteemed cybersecurity firm, Peckshield. The wallet is believed to have direct ties to the 2016 Bitfinex hack. Investigations have unveiled a connection between the hack’s seizure address and the wallet’s owner. Notably, a transfer was made…

    Article 2023年8月31日

  • FTX Australia’s financial license canceled

    TL;DR Breakdown The financial regulatory authority of Australia has taken a significant step by revoking the financial license of FTX Australia. Despite the license being revoked, FTX Australia will be allowed to offer limited financial services to its clients until July 12 next year as they finalize their dealings with their customer base. Despite its troubled past, there is speculation that the exchange may not entirely disappear from the market.  Description The financial regulatory authority of Australia has taken a significant step by revoking the financial license of FTX Australia, a crypto exchange that had already filed for bankruptcy. On July 19, the Australian Securities and Investments Commission (ASIC) made the official announcement regarding the cancellation, which had been in effect since July 14. However, despite … Read more The financial regulatory authority of Australia has taken a significant step by revoking the financial license of FTX Australia, a crypto exchange that had already filed for bankruptcy. On July 19, the Australian Securities and Investments Commission (ASIC) made the official announcement regarding the cancellation, which had been in effect since…

    Article 2023年7月19日

  • Philippines SEC uncovers Gemini’s illegal operations

    TL;DR Breakdown The Philippines SEC has issued a warning to the public regarding the investment in Gemini’s Gemini Derivatives product. The SEC advisory, posted on their website, states that Gemini Derivatives falls under the category of securities according to Philippine law and should be registered with the SEC. The agency warns that individuals selling or promoting unregistered securities may face penalties, including fines of up to 5 million pesos ($89,826) or imprisonment for up to 21 years. The Securities and Exchange Commission (SEC) in the Philippines has issued a warning to the public regarding the investment in Gemini’s Gemini Derivatives product. The SEC advisory, posted on their website, states that Gemini Derivatives falls under the category of securities according to Philippine law and should be registered with the SEC. However, Gemini lacks the necessary licensing and authority to operate in the country, making it an unregistered security. The advisory also highlights the complaints filed by the United States Securities and Exchange Commission (SEC) and the U.S. Commodity Futures Trading Commission against the crypto exchange. It further quotes comments made by…

    Article 2023年5月24日

  • Floki Forms Partnership with DWF Labs to Accelerate Adoption of FLOKI Token

    TL;DR Breakdown Floki partners with DWF Labs, a prominent digital asset market maker and investment firm, to drive the adoption of the FLOKI token. DWF Labs’ investment and network will unlock funds and institutional connections, propelling Floki’s growth and establishing it as a credible cryptocurrency project. Floki, the people’s cryptocurrency and utility token of the Floki Ecosystem, has announced a strategic partnership with DWF Labs, a renowned digital asset market maker and multi-stage web3 investment firm. This collaboration comes as a result of DWF Labs’ strong belief in Floki’s potential and its commitment to the future of the Floki Ecosystem.  With DWF Labs purchasing $5 million worth of FLOKI tokens from the Floki Treasury, this partnership aims to leverage DWF Labs’ network and resources to accelerate the adoption of the FLOKI token and position Floki as one of the most recognized and widely used cryptocurrencies in the world. Contents hide 1 Unlocking Institutional Adoption with DWF Labs’ Support 2 DWF Labs: A Powerful Catalyst for Floki’s Growth 3 Floki’s Path to Prominence: Utility, Philanthropy, Community, and Marketing 4 Conclusion Unlocking…

    Article 2023年5月28日
TOP