Hackers begin returning funds from sensational $600m crypto heist

The $600m hack saw an about turn on Wednesday morning in London. Photo: Getty

Hackers have started to return part of a $610m haul of stolen cryptocurrencies, in what appears to be a stunning reversal of one of the biggest ever crypto heists.

News broke on Tuesday that hackers had stolen around $610m from Poly Network, a blockchain protocol which helps link blockchains together.

About $267m of ethereum (ETH-USD), $252m of Binance coin (BNB-USD) and roughly $85m in USDC tokens were taken, according to wallet addresses posted on Twitter. Looters apparently exploited a vulnerability in Poly Network's systems to make off with the funds.

The hack is thought to be one of the largest ever in crypto, trumping the $530m heist at Tokyo-based bitcoin exchange Coincheck in 2018.

Poly Network posted a letter on Twitter pleading for communication with the hackers and urging them to return the assets. It called the theft "one of the biggest in the DeFi history", referring to the decentralised finance space Poly Network operates in.

"Law enforcement in any country will regard this as a major crime. and you will be pursued," the company said in its letter.

Incredibly, hackers appear to have listened. Around $2m has been returned so far. The apparent hackers embedded the message "READY TO RETURN THE FUND!" in an ethereum transaction on Thursday morning. A second message embedded in a transaction read: "IT'S ALREADY A LEGEND TO WIN SO MUCH FORTUNE. IT WILL BE AN ETERNAL LEGEND TO SAVE THE WORLD. I MADE THE DECISION, NO MORE DAO". The return is still in progress and can be monitored on the blockchain.

The reversal comes after security researchers said they had identified a trail of digital clues left by the hackers. 

SlowMist, a blockchain security firm, said it had managed to identify "the attacker’s mailbox, IP, and device fingerprints through on-chain and off-chain tracking, and is tracking possible identity clues related to the Poly Network attacker".

"I think this demonstrates that even if you can steal cryptoassets, laundering them and cashing out is extremely difficult, due to the transparency of the blockchain and the use of blockchain analytics," Dr Tom Robinson, co-founder & chief scientist at Elliptic, a company that specialises in blockchain analytics, told Yahoo Finance UK.

"In this case, the hacker concluded that the safest option was just to return the stolen assets. So I think that this will actually improve confidence in decentralized finance."

The hacker embedded a message in an ethereum transaction.

Poly Network is a computer protocol that allows users to transfer tokens from one blockchain to another. These include networks such as Binance Chain and ethereum, which have developed independently from each other. Coins on one network are not easy to move due to the differences in technology.


Poly Network said the hack exploited its "contract calls", which are a type of test not intended to be published to a blockchain.

SlowMist said in a blog post the hack was "likely to be a long-planned, organized and prepared attack."

The incident has brought to the fore the lack of consumer protections in the crypto market, which is largely unregulated.

“The issue with cryptocurrencies is that they are largely unprotected and therefore, when a hack occurs it is not like an ordinary bank heist where the money is stolen from the bank, who remains the victim," said Jake Moore, former head of digital forensics at Dorset Police and now a cybersecurity specialist at cybersecurity firm ESET.

"Simply asking the hackers to return the currencies suggests there is little left to do for those involved, including the authorities. Cryptocurrencies by nature are largely anonymous which makes such heists extremely attractive to those wanting to illicitly gain from the amount of work required to gain such rewards.”

The incident could be a knock to confidence in the rapidly growing but early-stage decentralised finance (DeFi) industry. DeFi doesn't rely on central financial intermediaries such as brokerages, exchanges or banks to offer services. Instead, processes are entirely automated by code that can be used off-the-shelf by anyone. It offers a more open alternative to financial services that is accessible to anyone with a smartphone and a good internet connection. As of January 2021, approximately $20.5bn (£15bn) was invested in DeFi.
