Why have most of us never heard of a protocol that has $600M TVL until it gets hacked? What is this space?!
40 minutes apart...
0x3a09c98f99edd9601ed017ff269652fd80c7e9aedcea57126990031128851043
0x552bc0322d78c5648c5efa21d2daa2d0f14901ad4b15531f1ab5bbe5674de34f
0x3a09c98f99edd9601ed017ff269652fd80c7e9aedcea57126990031128851043
0x552bc0322d78c5648c5efa21d2daa2d0f14901ad4b15531f1ab5bbe5674de34f
~6 hours later, Poly team "reach out" to the hacker
https://twitter.com/PolyNetwork2/status/1425123153009803267
Hacker now asks if they should rely on community vote on where to direct stolen funds
0x4c102e972301b999318df70e3d3a067994dcc83951f07f7f37c45ff7e922beec
0x4c102e972301b999318df70e3d3a067994dcc83951f07f7f37c45ff7e922beec
I found 2 keys belonging to PolyNetwork... 👀
(I need to verify they are prod keys, both armored, but interesting anyway)
(I need to verify they are prod keys, both armored, but interesting anyway)
Hacker: "READY TO RETURN THE FUND!"
0x7b6009ea08c868d7c5c336bf1bc30c33b87a0eedd59dac8c26e6a8551b20b68a
0x7b6009ea08c868d7c5c336bf1bc30c33b87a0eedd59dac8c26e6a8551b20b68a
Hacker: "FAILED TO CONTACT THE POLY. I NEED A SECURED MULTISIG WALLET FROM YOU"
0x79245fb1d1ae48a214118e25d6ad2f9324f514ec6708135a19ba9d4cfa6344f6
Looks like intentions are to return everything?
0x79245fb1d1ae48a214118e25d6ad2f9324f514ec6708135a19ba9d4cfa6344f6
Looks like intentions are to return everything?
Hacker: "IT'S ALREADY A LEGEND TO WIN SO MUCH FORTUNE. IT WILL BE AN ETERNAL LEGEND TO SAVE THE WORLD. I MADE THE DECISION, NO MORE DAO"
0xd239b01026c49b234d075e3d23a07efd1c3234239cfb440c0f90d5e84836fbe2
0xd239b01026c49b234d075e3d23a07efd1c3234239cfb440c0f90d5e84836fbe2
Hacker: "ACCEPT DONATIONS TO "THE HIDDEN SIGNER" NOW. ENCRYPT YOUR MSG WITH HIS PUBKEY."
0x160231043b80c7824f658b3621163ebcc537ff29ad1dfb3572e658ebf0ddc2fd
0x160231043b80c7824f658b3621163ebcc537ff29ad1dfb3572e658ebf0ddc2fd
616k $FEI moved - 0xd3327a266add4ec655ef5fe00fd042bdcdf1b886c26af3b5dd21b2e4ec9bde49
259,737,345,149 $SHIBA moved - 0x4d0c93ca9746d1c8a80c0ecf58bd5bba66654fefae3df320b4d138405d0cbc0e
259,737,345,149 $SHIBA moved - 0x4d0c93ca9746d1c8a80c0ecf58bd5bba66654fefae3df320b4d138405d0cbc0e
Hacker: "DONATE TO 0xA87fB85A93Ca072Cd4e5F0D4f178Bc831Df8a00B IF YOU SUPPORT MY DECISION
ENCRYPT YOUR MSG WITH HIS PUBKEY IF YOU WANT TO TALK"
0x87715ad26621431c2c27f44d9214798e0c81a97d938ba5d4580dcd72f07ec6a8
Asks for community donations, and for Poly to encrypt their comms
ENCRYPT YOUR MSG WITH HIS PUBKEY IF YOU WANT TO TALK"
0x87715ad26621431c2c27f44d9214798e0c81a97d938ba5d4580dcd72f07ec6a8
Asks for community donations, and for Poly to encrypt their comms
Hacker: "DUMPING SHITCOINS FIRST!
HOW ABOUT UNLOCKING MY USDT AFTER RETURNING ENOUGH USDC?"
They ask for USDT to be whitelisted if they return more $USDC... interesting proposal - $33M USDT
0xa7cd9cb0211942998602e22ad6f7fd7d9c1eef9515f4e4154a76237d5fd71aa3
HOW ABOUT UNLOCKING MY USDT AFTER RETURNING ENOUGH USDC?"
They ask for USDT to be whitelisted if they return more $USDC... interesting proposal - $33M USDT
0xa7cd9cb0211942998602e22ad6f7fd7d9c1eef9515f4e4154a76237d5fd71aa3
Hacker is giving encrypt data to Poly
0x64eb495eba8b2000181498910748614dbd2c4bd7d6997af20cdb92c2518b2bce
0x64eb495eba8b2000181498910748614dbd2c4bd7d6997af20cdb92c2518b2bce
Comms seems to be encrypted now - likely in (or soon to be) a communication channel with Poly for the entire network to watch
0x69534e330c5f8529759272b86e90bbacf7a5c4082683064c471e5539eacf53ba
0x69534e330c5f8529759272b86e90bbacf7a5c4082683064c471e5539eacf53ba
I missed these but Poly seem to be in direct comms with the hacker onchain
They have received $1M+ on Polygon - unsure if verified to be Poly
0x59451c04dd5809958100c20a1263b7c1c6fc5080b38163b5117557418a473c47
0xf25ad2da525da68e7e254ecb5d780ae2c64f4df442baa14832fcbdff65dfb193
They have received $1M+ on Polygon - unsure if verified to be Poly
0x59451c04dd5809958100c20a1263b7c1c6fc5080b38163b5117557418a473c47
0xf25ad2da525da68e7e254ecb5d780ae2c64f4df442baa14832fcbdff65dfb193
So far, using the addresses identified by Poly in tx278 (linked above)
0x71Fb9dB587F6d47Ac8192Cd76110E05B8fd2142f (ETH) - $2.6M received
0xEEBb0c4a5017bEd8079B88F35528eF2c722b31fc (BSC) - $1.1M received
0xA4b291Ed1220310d3120f515B5B7AccaecD66F17 (POLY) - $1M received
0x71Fb9dB587F6d47Ac8192Cd76110E05B8fd2142f (ETH) - $2.6M received
0xEEBb0c4a5017bEd8079B88F35528eF2c722b31fc (BSC) - $1.1M received
0xA4b291Ed1220310d3120f515B5B7AccaecD66F17 (POLY) - $1M received
Poly connected to the hacker via email (it seems) and is offering a bounty to the hacker (after funds returned)
0xf6488e1efacd9c280eb91133d04ba357beca8016df8b0b0524b9a2e207b2ad7f
0x6b174ace1a83530bd2f33f07b213536699418b533cf2d3685556cf126e7061d8
0xf6488e1efacd9c280eb91133d04ba357beca8016df8b0b0524b9a2e207b2ad7f
0x6b174ace1a83530bd2f33f07b213536699418b533cf2d3685556cf126e7061d8
Hacker: "JUST DUMPED ALL ASSETS ON BSC & POLYGON.
HACKING FOR GOOD, I DID SAVE THE PROJECT"
0x3de5a4eb6c1953ce2d0422bc5d0d16b2d9e54316cf0784bb793b3c67f09387b7
HACKING FOR GOOD, I DID SAVE THE PROJECT"
0x3de5a4eb6c1953ce2d0422bc5d0d16b2d9e54316cf0784bb793b3c67f09387b7
I'm not monitoring BSC too closely, but they also returned $86M prior to this... so $200M+ returned on BSC to Poly
0x6e2317a437e7804b211ab03a11d61bf68d4fd3b87a5d0deb76d87febddca262b
0x6e2317a437e7804b211ab03a11d61bf68d4fd3b87a5d0deb76d87febddca262b
https://twitter.com/sniko_/status/1425466882971287563
More encrypted comms going out to Poly... perhaps another big move by the hacker to arrange returning more funds?
0x4d6490b47a82e548236b4448713a973d833e439ad9fff76513d38ad2f7cb4fa5
0x4d6490b47a82e548236b4448713a973d833e439ad9fff76513d38ad2f7cb4fa5
$673k/14 BTC (renBTC) on the move!
0xd916036ed3f4fd356e32faf7a0849834e54d7555383c372058226cb32705916b
0xd916036ed3f4fd356e32faf7a0849834e54d7555383c372058226cb32705916b
Hacker hacked "FOR FUN :)" and "CROSS CHAIN HACKING IS HOT"
0x1fb7d1054df46c9734be76ccc14fa871b6729e33b98f9a3429670d27ec692bc0
0x1fb7d1054df46c9734be76ccc14fa871b6729e33b98f9a3429670d27ec692bc0
Q&A part 2 just published!
0xd4ee4807c07702a3202f45666983855d7fa22eb1c230e4c1e840fc9389e54729
0xd4ee4807c07702a3202f45666983855d7fa22eb1c230e4c1e840fc9389e54729
Hacker claims they were "PISSED BY THE POLY TEAM FOR THEIR INITIAL REPONSE" which caused them to trade some of the stablecoins
Claims they planned to earn off the interest earned until they could negotiate with Poly
"I WAS PLANNING [...] TO TAKE OVER THE FOUR NETWORK"
Claims they planned to earn off the interest earned until they could negotiate with Poly
"I WAS PLANNING [...] TO TAKE OVER THE FOUR NETWORK"
Q&A Part 3 just dropped
0xe954bed9abc08c20b8e4241c5a9e69ed212759152dd588bb976b47eca353a5bc
0xe954bed9abc08c20b8e4241c5a9e69ed212759152dd588bb976b47eca353a5bc
Hacker claims they tipped hanashiro.eth 13ETH because they thought it was their own local script problem, not a contract-level logic check problem
Tornado cashout was a "BAD JOKE"
Hacked $600M and still sticking to "I AM _NOT_ VERY INTERESTED IN MONEY"
Plans to give all back
Tornado cashout was a "BAD JOKE"
Hacked $600M and still sticking to "I AM _NOT_ VERY INTERESTED IN MONEY"
Plans to give all back
Side note: hanashiro.eth received the (stolen) 13ETH and "spent" it, but seems to be KYC'd with FTX - depositing $450k USDC
I wonder if hanashiro.eth will also return the 13.37ETH to Poly
etherscan.io/tx/0xd62dbc8e9…
I wonder if hanashiro.eth will also return the 13.37ETH to Poly
etherscan.io/tx/0xd62dbc8e9…
Hacker is now outing scammer email addresses
0xe926ef4b6f4e3ff1b680df02a6a2456cd9b415d25f051bb894ea3e24cfa864f0
0xe926ef4b6f4e3ff1b680df02a6a2456cd9b415d25f051bb894ea3e24cfa864f0
Hacker: "DISCLAIMER: I HAVE NEVER ASKED FOR BOUNTY FROM POLY NETWORK
WHAT I HAVE SAID IS ON THE CHAINS"
0xa5371eda3e56a614cdecc2b875f4236c7651e8ab3822f798b108e14b2659aaaa
WHAT I HAVE SAID IS ON THE CHAINS"
0xa5371eda3e56a614cdecc2b875f4236c7651e8ab3822f798b108e14b2659aaaa
Q&A part four just published!
0xde330cbd5484e9ce808c60d3a76739f224eb8390b6b891a8e4d29dbdaeab826d
0xde330cbd5484e9ce808c60d3a76739f224eb8390b6b891a8e4d29dbdaeab826d
Hacker says "I WOULD ADMIT THAT THE POLY HACK IS NOT AS FANCY AS YOU IMAGINE [...] I WOULD SAY FIGUING OUT THE BLIND SPOT IN THE ARCHTECTURE OF POLY NETWORK WOULD BE ONE OF THE BEST MOMENTS IN MY LIFE"
"BEING THE MORAL LEADER WOULD BE THE COOLEST HACK I COULD EVER ARCHIVE!"
"BEING THE MORAL LEADER WOULD BE THE COOLEST HACK I COULD EVER ARCHIVE!"
Hacker: "THE _POLYGON_ NETWORK IS SO UNRELIABLE
FOR MANY TIMES I THOUGHT I HAD SENT THE TRANSACTION BUT IT VANISHED. LOL"
Hacker is having some difficulties with Polygon L2 @0xPolygon
0xd2750ac3aad70c0a73fd4cd5aa854770f3253026526ab3cdc88fd561b8ccd5a0
FOR MANY TIMES I THOUGHT I HAD SENT THE TRANSACTION BUT IT VANISHED. LOL"
Hacker is having some difficulties with Polygon L2 @0xPolygon
0xd2750ac3aad70c0a73fd4cd5aa854770f3253026526ab3cdc88fd561b8ccd5a0
Hacker has now returned $83M to Poly on Polygon network
0xc32f8501c62a69218b4cdaae93cffcf7b214f331942af9ecca7c35be49e796b6
Brings the total to sent back to $344M across 3 networks
0xc32f8501c62a69218b4cdaae93cffcf7b214f331942af9ecca7c35be49e796b6
Brings the total to sent back to $344M across 3 networks
Hacker: "[...] DON'T WORRY, YOU ARE NOT REAL VICTIMES. I SAVED YOU!"
0x078063e9574e1937a64b6552919b9fc0035429df1e601d79e200bf211e75f337
0x078063e9574e1937a64b6552919b9fc0035429df1e601d79e200bf211e75f337
Hacker has now returned an additional $1.2M
0x09fe1ec4a9ad2c159362e7ec23b0410de34d71db5f314c4b04247c48d812fcbf
0x09fe1ec4a9ad2c159362e7ec23b0410de34d71db5f314c4b04247c48d812fcbf
Hacker is getting tired of the people asking for money saying "HELLO BEGGARS, WHY NOT ASKING MONEY FROM THE POLY MULTISIG WALLET? 0x71Fb9dB587F6d47Ac8192Cd76110E05B8fd2142f"
81 comments, 1.4k txs asking for $
0x05ddbcc01736dfe478526b33837f54ccf4f0e1e8abf06276d0a3fb18b8751ea9
81 comments, 1.4k txs asking for $
0x05ddbcc01736dfe478526b33837f54ccf4f0e1e8abf06276d0a3fb18b8751ea9
• • •
Missing some Tweet in this thread? You can try to
force a refresh
