Hacker steals $600m of Crypto Currency, he is rewarded for refund
The hacker heist is one of the largest in history. Poly Network says the person took advantage of a flaw in its technology.
A hacker who stole just over $600 million (£433 million) in bitcoin was offered $500,000 in exchange for returning the money, as well as immunity.
After the hacker promised to return the money, Poly Network made the contentious offer.
On Tuesday, the attempt was discovered after Poly Network openly pleaded with the hacker for assistance.
“Private corporations have no power to pledge immunity from criminal prosecution,” according to a former FBI official.
The hacker heist is one of the largest in history. Poly Network says the person took advantage of a flaw in its technology.
Although the hacker claims they are not interested in the prize, the majority of the money has since been returned.
Shortly after the theft, an anonymous user taunted the corporation and asked for assistance on how to launder his stolen funds on the publicly accessible blockchain.
The offender afterwards stated that he was “not interested in money” and vowed to restore everything.
Most of the remaining assets in the hacker’s possession had been transferred to a digital wallet controlled by both the hacker and the company by Thursday evening, according to Poly Network.
Poly Network says it is still awaiting the completion of the payback process, but that it is cooperating with the hacker.
A portion of the stolen monies were locked shortly after the attack and cannot be utilized by the hacker because they have not yet been moved.
According to Tom Robinson, co-founder of Elliptic, a London-based blockchain analytics and compliance firm, “the hacker still holds $33.4 million in stolen Tether [tokens] – because it has been frozen by Tether themselves.”
He went on to say that the hacker was holding onto “a few thousand dollars’ worth of various other tokens” as evidenced by the blockchain.
However, it remained unclear whether they were part of the stolen assets or donations that the hacker sought on Thursday as a thank you for returning the funds.
A 13.37 Ether tip ($40,000) was sent by the hacker to a user who alerted them to the fact that the Tether tokens had been frozen by its developer.
The anonymous hacker claimed in a three-page online Q&A that he or she committed the heist for fun and to encourage cryptocurrency exchange Poly Networks to improve its security.
The hacker has been dubbed “Mr White Hat” by Immunity Poly Network, who appears to have accepted the explanation.
White hat hackers are ethical security researchers who use their skills for the greater good by assisting organizations in the discovery of security flaws.
Poly Network confirmed that it sent a note to the attackers, stating that “we believe your action is white hat behavior, and we plan to offer you a $500,000 reward.”
“We assure you that you will not be held responsible for this incident,” the firm added.
Some security experts are outraged by the alleged move, fearing that it will set a precedent for criminal hackers to white-wash their actions.
“Labeling this hack as white hat is just really disappointing,” says Katie Paxton-Fear, a white hat hacker and lecturer at Manchester Metropolitan University.
Mrs Paxton-Fear has discovered over 30 security flaws in companies ranging from the US Department of Defense to Verizon Media.
“White hat hacking is all about having a scope, not touching some systems, working with the team, writing professional reports detailing our findings, and not going further than we need to demonstrate risk,” she explained.
“Our approach is ‘first, do no harm,’ potentially verifying fixes are implemented while not jeopardizing user data.”
Former Department of Justice and FBI officer Charlie Steele, a partner at Forensic Risk Alliance, is likewise concerned about the supposed Poly Network offer.
Source: BBC