{"id":47475,"date":"2021-08-10T17:44:43","date_gmt":"2021-08-10T14:44:43","guid":{"rendered":"https:\/\/forklog.com\/en\/?p=47475"},"modified":"2025-09-01T21:35:19","modified_gmt":"2025-09-01T18:35:19","slug":"hackers-stole-611-million-from-the-poly-network-cross-chain-protocol","status":"publish","type":"post","link":"https:\/\/u1f987.com\/en\/hackers-stole-611-million-from-the-poly-network-cross-chain-protocol\/","title":{"rendered":"Hackers stole $611 million from the Poly Network cross-chain protocol"},"content":{"rendered":"<p>On August 10, unknown hackers breached the Poly Network cross-chain protocol and stole $611 million in various cryptocurrencies. The project team urged exchanges to block the stolen funds.<\/p>\n<blockquote class=\"wp-block-quote twitter-tweet is-layout-flow wp-block-quote-is-layout-flow\">\n<p dir=\"ltr\" lang=\"en\">Important Notice:<br \/>We are sorry to announce that <a href=\"https:\/\/twitter.com\/hashtag\/PolyNetwork?src=hash&#038;ref_src=twsrc%5Etfw\">#PolyNetwork<\/a> was attacked on <a href=\"https:\/\/twitter.com\/BinanceChain?ref_src=twsrc%5Etfw\">@BinanceChain<\/a> <a href=\"https:\/\/twitter.com\/ethereum?ref_src=twsrc%5Etfw\">@ethereum<\/a> and <a href=\"https:\/\/twitter.com\/0xPolygon?ref_src=twsrc%5Etfw\">@0xPolygon<\/a> Assets had been transferred to hacker\u2019s following addresses:<br \/>ETH: 0xC8a65Fadf0e0dDAf421F28FEAb69Bf6E2E589963<br \/>BSC: 0x0D6e286A7cfD25E0c01fEe9756765D8033B32C71<\/p>\n<p>\u2014 Poly Network (@PolyNetwork2) <a href=\"https:\/\/twitter.com\/PolyNetwork2\/status\/1425073987164381196?ref_src=twsrc%5Etfw\">August 10, 2021<\/a><\/p>\n<\/blockquote>\n<p><script async=\"\" src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p>&#8220;We regret to announce that Poly Network has been attacked on the Ethereum, Binance Smart Chain and Polygon networks. We urge miners of the affected blockchains and crypto exchanges to blacklist tokens coming from the addresses above,&#8221; the project team wrote.<\/p>\n<\/blockquote>\n<p>According to preliminary estimates, the attackers stole <a href=\"https:\/\/etherscan.io\/address\/0xc8a65fadf0e0ddaf421f28feab69bf6e2e589963\" target=\"_blank\" rel=\"noopener\">$273 million on the Ethereum network<\/a>, <a href=\"https:\/\/bscscan.com\/address\/0x0d6e286a7cfd25e0c01fee9756765d8033b32c71\" target=\"_blank\" rel=\"noopener\">$253 million on the Binance Smart Chain<\/a> and <a href=\"https:\/\/polygonscan.com\/address\/0x5dc3603C9D42Ff184153a8a9094a73d461663214\" target=\"_blank\" rel=\"noopener\">$85 million in USDC<\/a> on the Polygon network. Funds were affected in tokens such as WBTC, WETH, RenBTC, DAI, UNI, SHIB, FEI and others. The hack was the largest in the DeFi sector in history.<\/p>\n<p>After the theft, Tether blacklisted roughly $33 million worth of USDT on Ethereum that had been stolen during the attack.<\/p>\n<blockquote class=\"wp-block-quote twitter-tweet is-layout-flow wp-block-quote-is-layout-flow\">\n<p dir=\"ltr\" lang=\"en\">. <a href=\"https:\/\/twitter.com\/Tether_to?ref_src=twsrc%5Etfw\">@Tether_to<\/a> just froze ~33M <a href=\"https:\/\/twitter.com\/search?q=%24USDt&#038;src=ctag&#038;ref_src=twsrc%5Etfw\">$USDt<\/a> on 0xC8a65Fadf0e0dDAf421F28FEAb69Bf6E2E589963 as part of the <a href=\"https:\/\/twitter.com\/hashtag\/PolyNetwork?src=hash&#038;ref_src=twsrc%5Etfw\">#PolyNetwork<\/a> hack <a href=\"https:\/\/t.co\/EviPTAkQJD\">https:\/\/t.co\/EviPTAkQJD<\/a><\/p>\n<p>\u2014 Paolo Ardoino (@paoloardoino) <a href=\"https:\/\/twitter.com\/paoloardoino\/status\/1425090760609832978?ref_src=twsrc%5Etfw\">August 10, 2021<\/a><\/p>\n<\/blockquote>\n<div class=\"wp-block-text-wrappers-update-2 article_update\"><time class=\"gtb_text-wrappers_update_time\">10 \u0430\u0432\u0433\u0443\u0441\u0442\u0430 2021 | 19:36<\/time><span class=\"gtb_text-wrappers_update_head\">Update: <\/span><\/p>\n<p>A user going by the handle hanashiro.eth sent a transaction to one of the addresses containing the stolen funds. In the signature, he warned the hacker that the USDT held by him had been added to the blacklist.<\/p>\n<figure class=\"wp-block-embed is-type-rich is-provider-twitter wp-block-embed-twitter\">\n<div class=\"wp-block-embed__wrapper\">\n<blockquote class=\"twitter-tweet\" data-width=\"500\" data-dnt=\"true\">\n<p lang=\"en\" dir=\"ltr\">Lol, who is hanashiro.eth and why is he trying to help the hacker.<\/p>\n<p>&#8220;DONT USE YOUR USDT TOKEN<br \/>YOU VE GOT BLACKLISTED&#8221; <a href=\"https:\/\/t.co\/oqVlf8quuq\">pic.twitter.com\/oqVlf8quuq<\/a><\/p>\n<p>\u2014 Hsaka (@HsakaTrades) <a href=\"https:\/\/twitter.com\/HsakaTrades\/status\/1425093301691195407?ref_src=twsrc%5Etfw\">August 10, 2021<\/a><\/p><\/blockquote>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script>\n<\/div>\n<\/figure>\n<p>In response, the hacker sent the user 13.37 ETH ($42,000) for the information.<\/p>\n<blockquote class=\"twitter-tweet\" data-conversation=\"none\">\n<p lang=\"en\" dir=\"ltr\">LMFAO, what is going on.<\/p>\n<p>The hacker just tipped hanashiro $42k in <a href=\"https:\/\/twitter.com\/search?q=%24ETH&#038;src=ctag&#038;ref_src=twsrc%5Etfw\">$ETH<\/a> for that info. <a href=\"https:\/\/t.co\/KP4fmAZnUE\">pic.twitter.com\/KP4fmAZnUE<\/a><\/p>\n<p>\u2014 Hsaka (@HsakaTrades) <a href=\"https:\/\/twitter.com\/HsakaTrades\/status\/1425095512047472646?ref_src=twsrc%5Etfw\">August 10, 2021<\/a><\/p><\/blockquote>\n<p> <script async=\"\" src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script>\n<\/div>\n<p>Binance CEO Changpeng Zhao also said he stood ready to help the project.<\/p>\n<blockquote class=\"wp-block-quote twitter-tweet is-layout-flow wp-block-quote-is-layout-flow\">\n<p dir=\"ltr\" lang=\"en\">We are aware of the <a href=\"https:\/\/t.co\/IgGJ0598Q0\">https:\/\/t.co\/IgGJ0598Q0<\/a> exploit that occurred today. While no one controls BSC (or ETH), we are coordinating with all our security partners to proactively help. There are no guarantees. We will do as much as we can. Stay <a href=\"https:\/\/twitter.com\/hashtag\/SAFU?src=hash&#038;ref_src=twsrc%5Etfw\">#SAFU<\/a>. \ud83d\ude4f <a href=\"https:\/\/t.co\/TG0dKPapQT\">https:\/\/t.co\/TG0dKPapQT<\/a><\/p>\n<p>\u2014 CZ \ud83d\udd36 Binance (@cz_binance) <a href=\"https:\/\/twitter.com\/cz_binance\/status\/1425091869709570060?ref_src=twsrc%5Etfw\">August 10, 2021<\/a><\/p>\n<\/blockquote>\n<p><script async=\"\" src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p>&#8220;We are aware of the Poly Network exploit. While no one controls BSC (or ETH), we are coordinating with our security partners to actively help. We make no guarantees, but we will do all we can,&#8221; said CZ.<\/p>\n<\/blockquote>\n<p>According to the latest data, the hackers moved assets to USDC and DAI on Curve.<\/p>\n<blockquote class=\"wp-block-quote twitter-tweet is-layout-flow wp-block-quote-is-layout-flow\">\n<p dir=\"ltr\" lang=\"en\">The hacker has deposited <a href=\"https:\/\/twitter.com\/search?q=%24USDC&#038;src=ctag&#038;ref_src=twsrc%5Etfw\">$USDC<\/a> and <a href=\"https:\/\/twitter.com\/search?q=%24DAI&#038;src=ctag&#038;ref_src=twsrc%5Etfw\">$DAI<\/a> to the curve.<br \/>ETH:0xf8B5c45c6388c9Ee12546061786026aAeaa4b682<\/p>\n<p>We appeal token issuers to blacklist assets coming from the above address. <a href=\"https:\/\/twitter.com\/MakerDAO?ref_src=twsrc%5Etfw\">@MakerDAO<\/a> <a href=\"https:\/\/twitter.com\/circlepay?ref_src=twsrc%5Etfw\">@circlepay<\/a><\/p>\n<p>\u2014 Poly Network (@PolyNetwork2) <a href=\"https:\/\/twitter.com\/PolyNetwork2\/status\/1425097156608802832?ref_src=twsrc%5Etfw\">August 10, 2021<\/a><\/p>\n<\/blockquote>\n<p><script async=\"\" src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p>The Poly Network protocol enables transferring tokens between different blockchains. It was developed by an alliance of teams behind the blockchain platforms Neo, Ontology and Switcheo.<\/p>\n<p>In July, hackers <a href=\"https:\/\/u1f987.com\/en\/news\/hackers-drain-more-than-4m-from-defi-projects-due-to-chainswap-vulnerability\">stole more than $4 million<\/a> from DeFi projects due to a vulnerability in ChainSwap.<\/p>\n<p>Earlier, the decentralized project Impossible Finance on the Binance Smart Chain <a href=\"https:\/\/u1f987.com\/en\/news\/defi-project-on-binance-smart-chain-loses-500000-in-attack\">lost $500,000 due to an attack<\/a>.<\/p>\n<p>Follow ForkLog on Telegram: <a href=\"https:\/\/t.me\/forklogfeed\" target=\"_blank\" rel=\"nofollow noopener\">ForkLog Feed<\/a> \u2014 the full news feed, <a href=\"https:\/\/telegram.me\/forklog\" target=\"_blank\" rel=\"nofollow noopener\">ForkLog<\/a> \u2014 the most important news, infographics and opinions.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>On August 10, unknown hackers breached the Poly Network cross-chain protocol and stole $611 million in various cryptocurrencies. The project team urged exchanges to block the stolen funds.<\/p>\n","protected":false},"author":1,"featured_media":47476,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"select":"1","news_style_id":"1","cryptorium_level":"","_short_excerpt_text":"","creation_source":"","_metatest_mainpost_news_update":false,"footnotes":""},"categories":[3],"tags":[1154,1093,2231],"class_list":["post-47475","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news-and-analysis","tag-crimes","tag-defi","tag-poly-network"],"aioseo_notices":[],"amp_enabled":true,"views":"33","promo_type":"1","layout_type":"1","short_excerpt":"","is_update":"","_links":{"self":[{"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/posts\/47475","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/comments?post=47475"}],"version-history":[{"count":1,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/posts\/47475\/revisions"}],"predecessor-version":[{"id":47477,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/posts\/47475\/revisions\/47477"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/media\/47476"}],"wp:attachment":[{"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/media?parent=47475"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/categories?post=47475"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/tags?post=47475"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}