Poly Network temporarily halts services after another hack

TL;DR Breakdown

  • The exploit involved manipulating a smart contract function on the platform’s cross-chain bridge protocol, leading Poly Network to temporarily suspend its services. 
  • Although the exact amount stolen in the attack was not specified by Poly Network, it was reported that the hacker transferred at least $5 million worth of crypto.
  • Binance CEO Changpeng Zhao reassured customers that the attack would not affect Binance users, as they do not support deposits from the Poly Network.


On July 2, the cross-chain bridge platform Poly Network fell victim to a major attack in which a hacker was able to generate billions of tokens for profit. The exploit involved manipulating a smart contract function on the platform’s cross-chain bridge protocol, leading Poly Network to temporarily suspend its services. The attack affected 57 different crypto assets across 10 blockchains, including Ethereum, BNB Chain, Polygon, Avalanche, Heco, OKx, and Metis.

Although Poly Network did not specify the exact amount stolen in the attack, it was reported that the hacker transferred at least $5 million worth of cryptocurrencies. In response to the incident, Poly Network initiated communication with centralized exchanges and law enforcement agencies, seeking their assistance in resolving the issue. The project team also advised other project teams and token holders to withdraw liquidity and unlock their LP tokens.

According to a DeFi security analyst, the exploit was a result of a smart contract vulnerability that allowed the hacker to craft a malicious parameter containing a fake validator signature and block header. This parameter was accepted by the smart contract, bypassing the verification process and enabling the hacker to issue tokens from Poly Network’s Ethereum pool to their address on other chains, such as Metis, BNB Chain, and Polygon. This process was repeated across multiple chains, resulting in the accumulation of a significant token stash.

Poly Network hack

At one point, the hacker’s wallet held approximately $42 billion worth of tokens, but they were only able to convert and steal a fraction of that amount. Blockchain security solutions provider Dedaub has called the attack the “34 billion Poly Network hack,” highlighting weaknesses in the protocol’s multi-signature arrangement. Dedaub found that the private keys for the addresses involved had been compromised, emphasizing the need for more robust security measures.

Dedaub also noted that the attack was not complex and did not exploit any logic bugs. However, Poly Network’s response was criticized for being slow: it took seven hours, at a cost of $5.5 million in stolen crypto. Fortunately, a lack of liquidity in many of the tokens prevented further losses.

Binance CEO Changpeng Zhao reassured customers that the attack would not affect Binance users, as they do not support deposits from the Poly Network. This incident marks the second major attack on Poly Network, with the previous one occurring in August 2021, where hackers linked to the North Korean hacking collective, the Lazarus Group, made off with over $600 million.

Disclaimer. The information provided is not trading advice. Cryptopolitan.com holds no liability for any investments made based on the information provided on this page. We strongly recommend independent research and/or consultation with a qualified professional before making any investment decisions.
