
Hackers steal £433m in ‘largest ever’ cryptocurrency heist

Written By: Emma Lunn

Cybercriminals exploited a vulnerability in Poly Network, a platform that looks to connect different blockchains, to steal $600m (£433m) in cryptocurrency.

Poly Network said hackers had exploited a vulnerability in its system, taking about £193m ($267m) of Ether currency, £182m ($252m) of Binance coins, and approximately £61m ($85m) in USDC tokens.

The platform published a letter to the hackers on Twitter. It said: “The amount of money you have hacked is one of the biggest in defi [decentralised finance] history. Law enforcement in any country will regard this as a major economic crime and you will be pursued. The money you stole are from tens of thousands of crypto community members, hence the people.”

DeFi is a broad term encompassing financial applications based on blockchain technology that look to cut out intermediaries.

In a curious move, hackers have returned nearly half the stolen cryptocurrency to online wallets controlled by Poly Network. They sent a message to Poly Network embedded in a cryptocurrency transaction saying they were “ready to return” the funds. The attacker then started returning the funds, in small amounts at first and then in millions.

Experts said that the return of some of the cryptocurrency showed that laundering this type of money is extremely difficult due to the transparency of the blockchain.

Hank Schless, senior manager of security solutions at Lookout, said: “Recently, cryptocurrency has found itself at the centre of most data breach headlines. Decentralized finance (DeFi) has not only become a primary target for cybercriminals, but the cryptocurrencies that it supports are the primary payment method for attacks like ransomware.

“Since cryptocurrency and blockchain are still relatively new technologies, they present an opportunity for threat actors to socially engineer targets. Crypto investors are constantly looking for an edge in the market or the next big currency that’s going to explode in value. Attackers can use this thirst for information against users in order to get them to download malicious apps or share login credentials for legitimate trading platforms they use. The attacker could then use the malicious app to exfiltrate additional data from the device it’s on or take the login credentials they’ve stolen and try them across any number of cloud apps used for both work and personal life.”

In order to increase the likelihood of successful hacks, attackers target users across both mobile devices and cloud platforms. Lookout recently discovered almost 200 malicious cryptocurrency apps on the Google Play Store. Most of these apps advertised themselves as mining services in order to entice users to download them.

Felix Rosbach, product manager at comforte AG, said: “New technology, old cybersecurity problems. While decentralized finance platforms and distributed ledgers in general come with the promise to increase trust and reduce dependencies on intermediaries, they are still new technology with its own dependencies, vulnerabilities and the need to be integrated and connected. Combine this with the value of the data affected – in this case blockchain tokens – being easily transferable to other wallets anonymously – you end up with a highly valuable target for attackers.”