By Emma Mayer for Newsweek
Poly Network, a protocol for swapping cryptocurrency, including bitcoin, announced on Tuesday that it was hacked, resulting in the loss of $611-million. The hack is suspected to be the largest fraud in “decentralised finance,” or DeFi, in history.
The network tweeted the news and urged exchanges to block all of the funds that were taken.
“We call on miners of affected blockchain and crypto exchanges to blacklist tokens coming from the above addresses,” it tweeted, providing three addresses that it says the assets have been transferred to.
Poly Network swaps tokens across different blockchains, including Etereum and Ontology, as well as the blockchain for bitcoin. It was formed by an alliance between the teams behind multiple blockchain platforms, namely Neo, Ontology and Switcheo, according to The Block.
According to Cryptonews, $273 million in assets was taken in Ethereum tokens, $253 million in tokens on Binance Smart Chain and $85 million in U.S. Dollar Coin (USDC) tokens on the Polygon network.
“We will take legal actions and we urge the hackers to return the assets,” Poly Network tweeted in a thread.
Some believe this attack is the largest hack ever seen in the cryptocurrency space.
Since the attack, Tether, a form of stablecoin, managed to freeze roughly $33-million in tokens.
“We are aware of the poly.network exploit that occurred today. While no one controls BSC (or ETH), we are coordinating with all our security partners to proactively help. There are no guarantees. We will do as much as we can,” tweeted Changpeng Zhao, CEO of Binance, a cryptocurrency exchange.
The hack, according to The Block, forced O3, a trading pool that uses Poly Network to trade tokens among different blockchains, to suspend its cross-chain functionality.
Researchers suspect that the cause of the hack was a cryptography issue, which is rare in other instances of hacking. The attack on Poly Network may have been similar to the Anyswap exploit, an attack in July that saw $7.9-million stolen when a hacker reversed the private key.
A report from Reuters said that the DeFi sector of cybercrime registered losses of $474-million from January to July of this year.
“Just eight months into 2021 and DeFi hacks, thefts and frauds have already surpassed the total DeFi crimes from 2020,” Dave Jevans, CipherTrace’s chief executive officer, told Reuters. “This means regulators around the globe are paying closer attention to DeFi specifically.”
Many DeFi applications run on the Ethereum blockchain, and the industry is seeing both an expansion and improved security infrastructure. Jevans said that expansion was sure to attract more crime.
“It shouldn’t come as a surprise that as the DeFi ecosystem expands, so are DeFi crimes,” he said.
Newsweek reached out to CipherTrace for additional comment but did not hear back before publication.