Hacker steals $600 billion in cryptocurrency “for fun”

A hacker thought to be behind one of the largest cryptocurrency heists ever recorded has gone on record to explain why they did it – saying simply it was for fun.

Some $600 million was stolen from Poly Network – an American decentralised finance (DeFi) platform offering peer-to-peer cryptocurrency trading without the need for middlemen – earlier this month. However, the company managed to quickly get $342 million back by pleading with the hacker for its safe return – a figure that has since gone up to $427 million. In return, Poly Network has sent a $500,000 bug bounty to the individual it dubbed ‘Mr White Hat’.

Now, the hacker has explained why they did what they did, claiming it was simply for fun. Using metadata included within a financial transaction ‘Mr White Hat’ wrote of having mixed feelings when they first noticed the vulnerability – explaining that mentioning it to the project team could see someone else run off with the money themselves.

“Anyone could be the traitor given one billion” they said, “I can trust nobody!”

The only solution was to save the funds in a trusted account whilst working to keep themselves anonymous and safe.

On why they returned the funds, the hacker wrote: “That’s always the plan! I am not very interested in money! I know it hurts when people are attacked, but shouldn’t they learn something from those hacks?”

Though the hacker purposefully kept their identity secret, cybersecurity scientist Tom Robinson of Elliptic told CNBC that the individual behind these quotes was “definitely” the person responsible. “The messages are embedded in transactions sent from the hacker’s account,” he said. “Only the holder of the stolen assets could have sent them.”

Since it was made aware of the attack, Poly Network has worked on a number of fixes identified by the hacker, and the two are collaborating closely to close the loopholes. In fact, by way of thanks for identifying the issues and to encourage more of the money to be returned, Poly Network has said it will not hold the hacker legally responsible for the steal, and even offered them a position at the company as Chief Security Adviser.

‘Mr White Hat’ is yet to take up the offer.

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Hacker steals $600 billion in cryptocurrency “for fun”

Categories

Horsham Office: 01293 871971 | London Office: 0203 763 3919 | IT Support: 01293 876000