You are here: Home - Investing - Experienced Investor - News -

Hackers steal £433m in ‘largest ever’ cryptocurrency heist

Written by: Emma Lunn
Cybercriminals exploited a vulnerability in Poly Network, a platform that looks to connect different blockchains, to steal $600m (£433m) in cryptocurrency.

Poly Network said hackers had exploited a vulnerability in its system and about £193m ($267m) of Ether currency has been taken, £182m ($252m) of Binance coins, and approximately £61m ($85m) in USDC tokens.

The platform published a letter to the hackers on Twitter. It said: “The amount of money you have hacked is one of the biggest in defi [decentralised finance] history. Law enforcement in any country will regard this as a major economic crime and you will be pursued. The money you stole are from tens of thousands of crypto community members, hence the people.”

DeFi is a broad term encompassing financial applications based on blockchain technology that looks to cut out intermediaries.

In a curious move, hackers have returned nearly half the stolen cryptocurrency to online wallets controlled by Poly Network. They sent a message to Poly Network embedded in a cryptocurrency transaction saying they were “ready to return” the funds. The attacker then started returning the funds in small amounts at first, and then in millions.

Experts said that the return of some of the cryptocurrency showed that laundering this type of money is extremely difficult due to the transparency of the blockchain.

Hank Schless, senior manager of security solutions at Lookout, said: “Recently, cryptocurrency has found itself at the centre of most data breach headlines. Decentralized finance (DeFi) has not only become a primary target for cybercriminals, and the cryptocurrencies that it supports are the primary payment method for attacks like ransomware.

“Since cryptocurrency and blockchain are still relatively new technologies, they present an opportunity for threat actors to socially engineer targets. Crypto investors are constantly looking for an edge in the market or what the next big currency that’s going to explode in value. Attackers can use this thirst for information against users in order to get them to download malicious apps or share login credentials for legitimate trading platforms they use. The attacker could then use the malicious app to exfiltrate additional data from the device it’s on or take the login credentials they’ve stolen and try them across any number of cloud apps used for both work and personal life.”

In order to increase the likelihood of successful hacks, attackers target users across both mobile devices and cloud platforms. Lookout recently discovered almost 200 malicious cryptocurrency apps on the Google Play Store. Most of these apps advertised themselves as mining services in order to entice users to download them.

Felix Rosbach, product manager at comforte AG, said: “New technology, old cybersecurity problems. While decentralized finance platforms and distributed ledgers in general come with the promise to increase trust and reduced dependencies on intermediaries, they are still new technology with its own dependencies, vulnerabilities and the need to be integrated and connected. Combine this with the value of the data affected – in this case blockchain tokens – being easily transferable to other wallets anonymously – you end up with a highly valuable target for attackers.”

There are 0 Comment(s)

If you wish to comment without signing in, click your cursor in the top box and tick the 'Sign in as a guest' box at the bottom.

Everything you wanted to know about ISAs…but were afraid to ask

The new tax year is less than a fortnight away and for ISA savers or investors, it’s hugely important. If yo...

Your right to a refund if travel is affected by train strikes

There have been a wave of train strikes in the past six months, and for anyone travelling today Friday 3 Febru...

Could you save money with a social broadband tariff?

Two-thirds of low-income households are unaware they could be saving on broadband, according to Uswitch.

What will happen if rates change

How your finances will be impacted by a rise in interest rates.

Regular Savings Calculator

Small regular contributions can build up nicely over time.

Online Savings Calculator

Work out how your online savings can build over time.

DIY investors: 10 common mistakes to avoid

For those without the help and experience of an adviser, here are 10 common DIY investor mistakes to avoid.

Mortgage down-valuations: Tips to avoid pulling out of a house sale

Down-valuations are on the rise. So, what does it mean for home buyers, and what can you do?

Five tips for surviving a bear market mauling

The S&P 500 has slipped into bear market territory and for UK investors, the FTSE 250 is also on the edge. Her...

Money Tips of the Week