On August 11, the blockchain intelligence firm Chainalysis published its findings on the recent Poly Network hack which saw the loss of approximately $611 million crypto tokens. The assessment from Chainalysis backed up the claims made by the security company called Slowmist that shows the hacker left a fingerprint on the relatively unknown exchange Hoo.com. As of August 11, at 4:18:39 p.m. (UTC), Poly Network details that the hacker has returned $260 million in assets so far.
Chainalysis Observes Hackers Onchain Fingerprints
The crypto community has been infatuated with the recent decentralized finance (defi) hack that exploited the Poly Network protocol. Bitcoin.com News reported on the aftermath of the hack and how the hacker started to troll the project with onchain messages.
On Wednesday, the blockchain surveillance firm Chainalysis published an in-depth report on what it discovered when it investigated the situation. According to Chainalysis, the hacker stole ETH, WETH, WBTC, UNI, RENBTC, USDT, USDC, DAI, SHIB, FEI, BNB, and various BEP-20 tokens.
In our most recent report, Bitcoin.com News discussed how the organization Slowmist claimed to have found some fingerprints left by the hacker. Chainalysis has confirmed some of the findings Slowmist disclosed prior to the hacker sending back roughly $4.7 million in assets.
Slowmist said that the hacker leveraged an exchange called Hoo.com and it was able to obtain an email address and associated IP address. Chainalysis explained why the hacker chose to leverage the relatively unknown crypto trading platform.
“We can see that the day before, the attacker withdrew 0.47 ETH from Hoo.com, which was used to pay for gas fees on transactions associated with the hack,” Chainalysis wrote. “Additionally, the attacker appears to have sent 13.37 ETH to a user known as Hanashiro.eth, who sent an ether transaction to the attacker with a message warning them that the USDT they’d stolen from Poly Network had been frozen.”
The blockchain surveillance firm also published a Chainalysis Reactor graph which shows how the hacker got started.
Hacker Compliments Poly Network and Says ‘Cross-Chain Hacking Is Hot’
Furthermore, the hacker has been communicating with the Poly Network team and an unknown white hat hacker. While returning fractions of the funds, the hacker has continuously said that the individual has “saved the project.”
There’s been a little Q&A as well and the hacker said that “cross-chain hacking is hot” and he or she was doing it “for fun.” The discussion highlights that when the hacker spotted the bug, they had “mixed feelings” about the situation. The hacker noted that he or she was “tired” during the conversation and even complimented the Poly Network at times calling it a “decent system.”
Toward the end of the Chainalysis report, it notes that the hacker has been communicating with the team and the company highlighted some of the token addresses that saw returns.
“It’s possible this is a ruse to make off with the unstolen USDT, but so far nothing suggests the attacker won’t continue to return the stolen funds,” Chainalysis detailed. The Poly Network team has been updating the community when coins have been returned via the project’s official Twitter account.