One article to understand the PolyNetwork 600 million theft, the largest amount ever stolen in DeFi history

Poly Network describes itself as the world’s leading “lightweight” heterogeneous cross-chain interoperability protocol. Its heterogeneous-chain and cross-chain bridge design controls cross-chain transfers through smart contracts deployed on the source chain, opening up protocol-layer communication and transactions between heterogeneous chains and between the mainstream public chains. The mainnet was launched in August 2020. Poly Network is a cross-chain organization co-founded by Neo, Ontology and the Switcheo Foundation as founding members, with Distributed Technology as the technology provider.

The SlowMist security team found that the hacker’s initial source of funds was Monero (XMR), which was then exchanged for BNB, ETH, MATIC and other currencies on an exchange and withdrawn to 3 addresses, from which the on-chain attack was launched. Taken together, the flow of funds and multiple pieces of fingerprint information suggest that this was a long-planned, organized and well-prepared attack.

Attack start
1. At 8:38 pm on August 10, the cross-chain interoperability protocol Poly Network said it had been attacked (the cross-chain aggregation protocol O3, which is built on Poly Network, was also affected), and a total of more than 610 million US dollars was transferred to 3 addresses. Of this, more than 250 million US dollars went to a Binance Smart Chain address beginning with 0x0D6e2, more than 270 million US dollars to an Ethereum address beginning with 0xC8a65, and more than 85 million US dollars to a Polygon address.

BSC assets: 6,613 BNB, 87,603,671 USDC, 26,629 ETH, 1,023 BTCB, 32,107,854 BUSD

Polygon assets: 85,089,719 USDC

Ethereum assets: 96,389,444 USDC, 1,032 WBTC, 673,227 DAI, 43,023 UNI, 14 renBTC, 33,431,197 USDT, 26,109 WETH, 616,082 FEI

2. At 9:44, Tether’s chief technology officer Paolo Ardoino tweeted that Tether had frozen 33 million USDT held in the hacker addresses that attacked Poly Network.

What puzzled outside observers is that Binance and Circle did not freeze BUSD and USDC, which directly allowed the subsequent transfer of US$120 million in stablecoins. CZ responded that no one can control BSC; Circle did not respond.

Binance CEO Changpeng Zhao said that the PolyNetwork theft we all know about happened today. Although no one controls BSC (or ETH), we are coordinating with all security partners to proactively provide assistance. We can’t guarantee anything, but we will do as much as we can.

3. At 9:56, the Ethereum address beginning with 0xC8a65 began attempting deposits to launder the funds. The first few transaction attempts failed because of the USDT freeze; afterwards only DAI and USDC were deposited, nearly 100 million stablecoins in total (including 673,227 DAI and 96,389,444 USDC).

4. At 10:03, nearly 120 million U.S. dollars of stablecoins (including 32,107,854 BUSD and 87,603,672 USDC) were transferred from the Binance Smart Chain address beginning with 0x0d6e2 to Ellipsis Finance, a fork of Curve.

5. At 0:27, the Ethereum address beginning with 0xC8a65 exchanged the previously deposited 3Crv LP shares back into stablecoins, obtaining about 96,942,061 DAI.

Communication between the two parties
In the early morning of the 11th, PolyNetwork issued a letter to the hacker, stating: we hope to establish contact with you and hope that you will return the stolen assets. The amount you stole is the largest in the history of DeFi. The law of any country will treat it as a major economic crime, and you will be pursued. It is not wise for you to make any further transactions (transfers). The funds you stole are the property of thousands of community members. You should talk to us to work out a solution.

Then the hacker responded: if I transfer the remaining coins, it will be at the billion dollar level. Didn’t I save the project? I am not very interested in money, and am now considering returning some tokens, or leaving them here; what if I make a new token and let a DAO decide where the tokens go?

As of 9:40 am on August 11, there had been no further progress.

The security company BlockSec released the latest analysis report. In response to the attack on Poly Network, the BlockSec security team’s preliminary analysis is that the cause may be that the private key used for cross-chain signing was leaked, or that the signing program had a logic flaw that allowed the attack transaction to be signed. BlockSec believes the attacker may hold a valid key for signing messages, which would indicate either that the signing key was leaked or that there is a bug in PolyNetwork’s signing process that was abused to sign carefully crafted messages. The SlowMist security team’s analysis is that the cross-chain contract’s keeper was changed to an address specified by the hacker, so that the hacker could construct transactions at will and withdraw any amount of funds from the contract.
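The two analyses above describe the same trust failure from a defender’s point of view: a single keeper (key or storage slot) authorizes every withdrawal, so whoever can rotate the keeper, whether through a leaked key or a signing bug, controls all locked funds. The following added example is not Poly Network’s, O3’s or either analyst’s code; it is a toy Python model of that relationship, written for this article, with a monitoring rule over the contract’s event log and a timelocked keeper rotation that gives monitoring time to act. The contract shape, event names, the guardian veto, the HMAC stand-in for signatures and all constants are assumptions made for the illustration.

```python
# Added example (not Poly Network's, O3's or the analysts' code): a toy model of the
# keeper trust relationship described above, a monitoring rule over the contract's
# event log, and a timelocked keeper rotation. All names, events and constants are
# assumptions made for this illustration.
import hashlib
import hmac
from dataclasses import dataclass, field
from typing import Optional


def sign(secret: bytes, msg: bytes) -> str:
    """Stand-in for an on-chain signature check: HMAC-SHA256 under the signer's secret."""
    return hmac.new(secret, msg, hashlib.sha256).hexdigest()


@dataclass
class LockProxy:
    """Locked assets whose release is authorized solely by the current keeper."""
    keeper: str                 # keeper identity held in contract storage
    keeper_secret: bytes        # the keeper's signing secret (model only)
    balance: int
    block: int = 0
    events: list = field(default_factory=list)   # 4-tuples: (name, block, a, b)

    def _authorized(self, msg: bytes, sig: str) -> bool:
        return hmac.compare_digest(sig, sign(self.keeper_secret, msg))

    def unlock(self, to: str, amount: int, sig: str) -> bool:
        if amount > self.balance or not self._authorized(f"unlock:{to}:{amount}".encode(), sig):
            return False
        self.balance -= amount
        self.events.append(("Unlock", self.block, to, amount))
        return True

    def set_keeper(self, new_keeper: str, new_secret: bytes, sig: str) -> bool:
        """Weak design: one accepted signature rotates the keeper immediately, so whoever
        obtains one (leaked key or a signing bug) controls every later unlock."""
        if not self._authorized(f"keeper:{new_keeper}".encode(), sig):
            return False
        self.events.append(("KeeperChanged", self.block, self.keeper, new_keeper))
        self.keeper, self.keeper_secret = new_keeper, new_secret
        return True


@dataclass
class TimelockedLockProxy(LockProxy):
    """Hardened variant: a rotation is queued and takes effect only after `delay` blocks,
    leaving time for monitoring to alert and a guardian to veto it."""
    delay: int = 100
    pending: Optional[tuple] = None   # (effective_block, new_keeper, new_secret)

    def set_keeper(self, new_keeper: str, new_secret: bytes, sig: str) -> bool:
        if not self._authorized(f"keeper:{new_keeper}".encode(), sig):
            return False
        self.pending = (self.block + self.delay, new_keeper, new_secret)
        self.events.append(("KeeperChangeQueued", self.block, self.keeper, new_keeper))
        return True

    def veto(self) -> None:                  # guardian cancels a flagged rotation
        self.pending = None

    def advance(self, blocks: int) -> None:  # mine `blocks` blocks; apply a due rotation
        self.block += blocks
        if self.pending and self.block >= self.pending[0]:
            _, self.keeper, self.keeper_secret = self.pending
            self.events.append(("KeeperChanged", self.block, None, self.keeper))
            self.pending = None


def keeper_change_alerts(events: list, window: int, threshold: int) -> list:
    """Monitoring rule: report every keeper change or queued change with the value
    unlocked within `window` blocks after it; more than `threshold` is critical."""
    alerts = []
    for name, blk, _old, new in events:
        if name not in ("KeeperChanged", "KeeperChangeQueued"):
            continue
        drained = sum(amt for ev, b, _to, amt in events
                      if ev == "Unlock" and blk <= b <= blk + window)
        alerts.append({"block": blk, "new_keeper": new, "unlocked": drained,
                       "critical": drained > threshold})
    return alerts


def weak_scenario() -> tuple:
    """Keeper rotated by an accepted signature, then the whole balance released."""
    proxy = LockProxy("keeper-A", b"keeper-A-secret", balance=610_000_000)  # constructed
    proxy.set_keeper("keeper-X", b"x-secret", sign(b"keeper-A-secret", b"keeper:keeper-X"))
    proxy.block += 1
    proxy.unlock("wallet-X", 610_000_000, sign(b"x-secret", b"unlock:wallet-X:610000000"))
    return proxy.balance, keeper_change_alerts(proxy.events, window=10, threshold=1_000_000)


def hardened_scenario() -> tuple:
    """Same rotation request under the timelock: monitoring sees it, the guardian
    vetoes it, and the would-be keeper's unlock signature is rejected."""
    proxy = TimelockedLockProxy("keeper-A", b"keeper-A-secret", balance=610_000_000)
    proxy.set_keeper("keeper-X", b"x-secret", sign(b"keeper-A-secret", b"keeper:keeper-X"))
    alerts = keeper_change_alerts(proxy.events, window=10, threshold=1_000_000)
    if alerts:                  # every queued rotation is reviewed before it lands
        proxy.veto()
    proxy.advance(200)
    ok = proxy.unlock("wallet-X", 610_000_000, sign(b"x-secret", b"unlock:wallet-X:610000000"))
    return proxy.balance, proxy.keeper, ok, len(alerts)
```

In the weak model the monitoring rule only fires after the balance is already gone, because the rotation and the unlock can land in consecutive blocks; the timelocked variant turns the same alert into something actionable, since the queued rotation is visible on-chain for `delay` blocks before it can authorize anything. The lesson a bridge operator can take from the analysts’ findings is that keeper rotation is the most privileged operation in the system and deserves both a delay and a dedicated alert, independent of whether the root cause turns out to be a leaked key or a signing bug.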

O3, one of the cross-chain protocols with the largest total value locked, had already suffered a number of organized attacks, but this does not seem to have raised the vigilance of PolyNetwork or O3. Both O3 and PolyNetwork belong to the NEO ecosystem, which is also one of the largest public chains in the Chinese region and has been pushing into the DeFi field in recent years.

A Babbitt article on July 14 pointed out that cross-chain attacks had been very rare until then, yet in just half a month there had been 5 security incidents, with losses exceeding US$17 million. Cross-chain attacks have increased significantly. Does this mean that hackers are targeting the cross-chain protocol ecosystem?

The Block research analyst Igor Igamberdiev once said that interoperability between DeFi protocols has become more and more complex, opening up new attack vectors, and that such attacks will become more frequent in the future. “In addition, after an attacker succeeds, the assets are quickly transferred through cross-chain bridges and then combined with mixing services to launder them.”

On the evening of the 10th, a rumor spread widely that the project team had privately retained super-admin rights and that the theft was an inside job; this is unlikely. The NEO Group is extremely well resourced and has no need for such an operation, and if it had been carried out by an insider or a partner, it would be far too easy to expose.

Public information shows that PolyNetwork was audited by NCC Group, and its Ethereum smart contracts were audited by Certik.

Industry insiders pointed out that US financial regulators are currently paying close attention to DeFi, and the relevant Chinese authorities have also begun to take notice. The US SEC recently filed charges in its first DeFi case. If the largest DeFi theft in financial history is not resolved, it may on the one hand shake the industry’s confidence in DeFi, and on the other hand prompt regulators worldwide to crack down on DeFi.

Posted by: CoinYuppie. Reprinted with attribution to: