1. BITBILIHome
  2. Article

Poly Network temporarily halts services after another hack

135 views

TL;DR Breakdown

  • The exploit involved manipulating a smart contract function on the platform’s cross-chain bridge protocol, leading Poly Network to temporarily suspend its services. 
  • Although the exact amount stolen in the attack was not specified by Poly Network, it was reported that the hacker transferred at least $5 million worth of crypto.
  • Binance CEO Changpeng Zhao reassured customers that the attack would not affect Binance users, as they do not support deposits from the Poly Network.

Description

The cross-chain bridge platform Poly Network fell victim to a major attack, resulting in a hacker being able to generate billions of tokens for profit on July 2. The exploit involved manipulating a smart contract function on the platform’s cross-chain bridge protocol, leading Poly Network to temporarily suspend its services. The attack affected 57 different … Read more

The cross-chain bridge platform Poly Network fell victim to a major attack, resulting in a hacker being able to generate billions of tokens for profit on July 2. The exploit involved manipulating a smart contract function on the platform’s cross-chain bridge protocol, leading Poly Network to temporarily suspend its services. The attack affected 57 different crypto assets across 10 blockchains, including Ethereum, BNB Chain, Polygon, Avalanche, Heco, OKx, and Metis.

Although Poly Network did not specify the exact amount stolen in the attack, it was reported that the hacker transferred at least $5 million worth of cryptocurrencies. In response to the incident, Poly Network initiated communication with centralized exchanges and law enforcement agencies, seeking their assistance in resolving the issue. The project team also advised other project teams and token holders to withdraw liquidity and unlock their LP tokens.

According to a DeFi security analyst, the exploit was a result of a smart contract vulnerability that allowed the hacker to craft a malicious parameter containing a fake validator signature and block header. This parameter was accepted by the smart contract, bypassing the verification process and enabling the hacker to issue tokens from Poly Network’s Ethereum pool to their address on other chains, such as Metis, BNB Chain, and Polygon. This process was repeated across multiple chains, resulting in the accumulation of a significant token stash.

Poly Network hack

At one point, the hacker’s wallet held approximately $42 billion worth of tokens, but they were only able to convert and steal a fraction of that amount. The attack has been called the “34 billion Poly Network hack” by blockchain security solutions provider Dedaub, highlighting weaknesses in the protocol’s multi-signature arrangement. Dedaub discovered that the private keys to the compromised addresses were compromised, emphasizing the need for more robust security measures.

Dedaub also noted that the attack was not complex and did not exploit any logic bugs. However, Poly Network’s response to the attack was criticized for being slow, taking seven hours, and resulting in a cost of $5.5 million in stolen crypto. Fortunately, a lack of liquidity in many of the tokens prevented further losses.

Binance CEO Changpeng Zhao reassured customers that the attack would not affect Binance users, as they do not support deposits from the Poly Network. This incident marks the second major attack on Poly Network, with the previous one occurring in August 2021, where hackers linked to the North Korean hacking collective, the Lazarus Group, made off with over $600 million.

Disclaimer. The information provided is not trading advice. Cryptopolitan.com holds no liability for any investments made based on the information provided on this page. We strongly recommend independent research and/or consultation with a qualified professional before making any investment decisions.

文章来源于互联网:Poly Network temporarily halts services after another hack

Disclaimers:

1. You are solely responsible for your investment decisions and this info is not liable for any losses you may incur.

2. The copyright of this article belongs to the writer, it represents the writer's opinions only, not represents the site's ones. Not financial advice.

Previous 2023年7月5日 05:38
Next 2023年7月5日 08:10

Related articles

  • BRICS nations cut $18.9 Billion in US treasuries — What’s the impact?

    TL;DR Breakdown BRICS countries, including China, Brazil, India, and the UAE, have collectively sold off $18.9 billion in U.S. Treasury bonds within one month. The BRICS nations are increasingly looking to diversify their portfolios, possibly as a hedge against U.S. economic policies. Description Recent data from the U.S. Treasury Department reveals a significant move by members of the BRICS economic alliance—Brazil, Russia, India, China, and South Africa. China, the world’s second-largest holder of U.S. treasuries, has notably reduced its holdings from $835.4 billion in June to $821.8 billion in July. This marks a decline of $13.6 billion in … Read more Recent data from the U.S. Treasury Department reveals a significant move by members of the BRICS economic alliance—Brazil, Russia, India, China, and South Africa. China, the world’s second-largest holder of U.S. treasuries, has notably reduced its holdings from $835.4 billion in June to $821.8 billion in July. This marks a decline of $13.6 billion in just one month. Additionally, over the past year, China has offloaded about $117.4 billion worth of U.S. government debt. Other BRICS members follow suit…

    Article 2023年9月24日

  • Binance CEO slams fraudulent entity in cease-and-desist letter amid Nigerian SEC battle

    TL;DR Breakdown Binance CEO takes decisive action against the fraudulent entity masquerading as Binance Nigeria Limited, sending a cease-and-desist letter. Binance denies affiliation with the fraudulent company mentioned in the Nigerian SEC’s circular. The settlement agreement was reached in the U.S. case, leading to the withdrawal of the temporary restraining order on Binance.US assets. Description Binance CEO, Changpeng Zhao, has taken a decisive stance against a fraudulent entity masquerading as Binance Nigeria Limited, revealing that a formal cease-and-desist letter has been dispatched. The move comes in response to the Nigerian Securities and Exchange Commission (SEC) issuing a circular on June 9, deeming Binance Nigeria Limited as an unlawful entity within … Read more Binance CEO, Changpeng Zhao, has taken a decisive stance against a fraudulent entity masquerading as Binance Nigeria Limited, revealing that a formal cease-and-desist letter has been dispatched. The move comes in response to the Nigerian Securities and Exchange Commission (SEC) issuing a circular on June 9, deeming Binance Nigeria Limited as an unlawful entity within the country. Binance have issued cease & desist notice to the scammer…

    Article 2023年6月20日

  • Crypto couple pleads guilty to money-laundering conspiracy linked to $4.5 billion Bitfinex hack

    TL;DR Breakdown Ilya Lichtenstein and Heather Morgan pleaded guilty to laundering $4.5 billion in Bitcoin stolen from Bitfinex. The couple used complex schemes to launder the funds, including burying gold coins and international travel. The case marked a significant recovery of $3.6 billion, with Bitfinex praising the DOJ’s efforts. Description In a landmark court appearance, Ilya Lichtenstein, a 35-year-old self-proclaimed angel investor, and his wife Heather Morgan, an internet rapper who calls herself “Razzlekhan” or the “Crocodile of Wall Street,” admitted to orchestrating the theft of Bitcoin valued in billions from the cryptocurrency exchange, Bitfinex. Lichtenstein and Morgan pleaded guilty to a conspiracy tied to … Read more In a landmark court appearance, Ilya Lichtenstein, a 35-year-old self-proclaimed angel investor, and his wife Heather Morgan, an internet rapper who calls herself “Razzlekhan” or the “Crocodile of Wall Street,” admitted to orchestrating the theft of Bitcoin valued in billions from the cryptocurrency exchange, Bitfinex. Lichtenstein and Morgan pleaded guilty to a conspiracy tied to money laundering before US District Judge Colleen Kollar-Kotelly. The plea is the culmination of a protracted saga…

    Article 2023年8月5日

  • Bank of America report: Ripple-SEC ruling leaves regulatory questions unanswered

    TL;DR Breakdown The Ripple-SEC ruling has left regulatory uncertainty in the crypto industry due to the unique nature of Ripple’s XRP offerings. Bank of America’s report emphasizes the need for clear regulatory guidelines for digital assets. According to Needham, The ruling could ease regulatory pressure on crypto exchange Coinbase. Description The recent court ruling in the lawsuit between Ripple Labs and the U.S. Securities and Exchange Commission (SEC) has sparked a discussion on the broader implications of the decision for the wider cryptocurrency industry. The U.S. District Court of the Southern District of New York ruled that Ripple’s sale of its XRP token on exchanges … Read more The recent court ruling in the lawsuit between Ripple Labs and the U.S. Securities and Exchange Commission (SEC) has sparked a discussion on the broader implications of the decision for the wider cryptocurrency industry. The U.S. District Court of the Southern District of New York ruled that Ripple’s sale of its XRP token on exchanges and through algorithms did not constitute investment contracts, marking a partial victory for Ripple. However, the court…

    Article 2023年7月25日

  • Ripple CTO breaks silence on PayPal’s PYUSD

    TL;DR Breakdown PayPal, the renowned payment platform headquartered in San Jose, California, has recently made waves by introducing its very own stablecoin, known as PayPal USD (PYUSD). Ripple’s Chief Technology Officer (CTO) David Schwartz emphasized that the actual centralization aspect of PYUSD stems from its valuation being tied to PayPal’s legal obligation to exchange it for U.S. dollars.  Description In a significant move, PayPal, the renowned payment platform headquartered in San Jose, California, has recently made waves by introducing its very own stablecoin, known as PayPal USD (PYUSD). This latest development stands out as one of the company’s most noteworthy strides into the cryptocurrency arena since its initial entry back in 2020. The unveiling … Read more In a significant move, PayPal, the renowned payment platform headquartered in San Jose, California, has recently made waves by introducing its very own stablecoin, known as PayPal USD (PYUSD). This latest development stands out as one of the company’s most noteworthy strides into the cryptocurrency arena since its initial entry back in 2020. The unveiling of PYUSD, which is tethered to the U.S….

    Article 2023年8月8日
TOP