Poly Network, a platform that aims to create interoperability among multiple blockchains, tweeted a “dear hacker” message Tuesday that both pleaded with and threatened the thieves who had just managed the $600 million crypto heist. It told them that the money they have stolen amounts to “a major economic crime” in any country, and that they will surely be pursued by law enforcement. That said: “we wish to establish communication with you.” 

Poly Network may be working on the assumption, then, that this is a ransomware cyberattack, and that the thieves are open to making a deal that would involve the return of the assets stolen.

What Happened?

What is certain is that hackers exploited a vulnerability in Poly Network’s system, and they have taken thousands of digital tokens, with a combined value of around $604 million.

That $604 million figure breaks down this way: $267 million in Ether tokens; $252 in Binance; $85 in USD Coin.

For purposes of comparison: in February 2014, the management of Mt Gox announced that it had lost 750,000 of its customers’ bitcoins, and around 100,000 of its own. Together, that meant roughly 7% of the universe of bitcoins, and that chunk of the universe was worth around $472 million in 2014 dollars, or $531 million in today’s dollars. 

Another shocking loss on that scale was the Coincheck breach of 2018. Hackers made off with approximately 500 million NEM tokens, worth roughly $530 million. 

As those figures indicate, although there are some computational issues that might allow for an argument, it seems that the Poly Network heist is larger than either of its peers, and so the largest ever. Poly Networks says that the assets stolen belong to “tens of thousands” of users.

Situation Develops Rapidly

Poly Network is within the corner of the crypto world known as DeFi (decentralized finance). The collateral locked into its lending protocols approaches $80 billion, and it is natural that such a pot of gold has become the target of hack attacks.

A security researcher calling itself SlowMist claims to have obtained the hacker’s IP address, email, and device fingerprints. SlowMist claims, moreover, that the attack is likely one that was planned well in advance. 

Poly Network says that it has identified specific wallets into which the assets were transferred, thus presumably these are the thieves’ wallets. It has asked miners and crypto exchanges to blacklist tokens coming from those wallets. 

The situation developed rapidly in the hours after the first reports. The hacker(s) were soon leaving hints that they didn’t intend to spend the stolen assets. But they aren’t holding them for ransom either. 

Rather,  the hackers may have a Sherwood Forest complex. They may believe that they are serving a valuable cause by creating a DAO [a decentralized autonomous organization] in which they let a broad audience decide where the $600 million from this Crypto heist should be sent.  

Moochers Beg from Crypto Heist Thieves

Whenever a (momentarily successful) thief fancies himself engaged in redistributive justice, there will be many who will line up to mooch off the success.

The moochers showed up in the context of the theft from Poly Network quite early on. The comments section of the blockchain datasite calling itself Etherscan has been carrying their imploring messages.  

”Pls help me pay my mom’s mortgage,” wrote one user. 

“Let me launder it for you,” suggested another. 

Others see themselves as philanthropists. “Hello mr hacker I know you will read this message just want to ask for a little help so we can get masks and oxygen because COVID-19 in our country is very severe anyone can donate to this address,” wrote one pleader.