$610 Million Defi Hack: Why didn’t Binance and Circle Freeze Hacker Account?

Prashant Jha
August 11, 2021
Why Trust CoinGape
CoinGape has covered the cryptocurrency industry since 2017, aiming to provide informative insights to our readers. Our journal analysts bring years of experience in market analysis and blockchain technology to ensure factual accuracy and balanced reporting. By following our Editorial Policy, our writers verify every source, fact-check each story, rely on reputable sources, and attribute quotes and media correctly. We also follow a rigorous Review Methodology when evaluating exchanges and tools. From emerging blockchain projects and coin launches to industry events and technical developments, we cover all facets of the digital asset space with unwavering commitment to timely, relevant information.
Hacker

Poly Network became the victim of the largest Defi hack in crypto history as hackers managed to drain $610 million worth of assets on Binance Smart Chain (BSC), Ethereum (ETH), and Polygon. As per the latest development, the hacker behind the attack has agreed to return the fund and has demanded a secure multi-sig wallet from the Poly Network.

A total of $610 million were stolen out of which $266,5 million were sent to an ETH address, $252 million were sent to a BSC address, and $85 million to Polygon address.

Poly Network
Source: PolyNetwork

SlowMist, a blockchain analytic firm that managed to get hold of the hacker’s IP address and digital fingerprint discovered that the hacker’s initial source of funds was Monero (XMR), and then changed to BNB/ETH/MATIC and other coins in the exchange and withdrew the coins to 3 addresses. The forensic group summarised the attack as

“This attack is mainly because the keeper of the EthCrossChainData contract can be modified by the EthCrossChainManager contract, and the verifyHeaderAndExecuteTx function of the EthCrossChainManager contract can execute the data passed in by the user through the _executeCrossChainTx function. Therefore, the attacker uses this function to pass in carefully constructed data to modify the keeper of the EthCrossChainData contract.

The hacker claimed the attack would have been in billion had he decided to rug remaining “Shitcoins” as well. He also took a pot-shot at the protocol developers saying,

“WHAT IF I MAKE A NEW TOKEN AND LET THE DAO DECIDE WHERE THE TOKENS GO”

Ether Scan
Source: EtherScan
Advertisement
Advertisement

Tether Froze Hacker’s USDT Account, But Circle and Binance Didn’t

As soon as the hack was discovered, Poly Network requested all exchanges and miners to red-flag transactions initiating out of the mentioned hacked accounts. Tether was quick to the job and froze $33 million worth of USDT almost immediately. However, a majority of the funds were on the BSC network which many believe didn’t take appropriate steps to block the transactions.

One reason that Binance didn’t freeze BUSD transactions is that the native stablecoin cannot be frozen by anyone on the BSC network. However, Circle could still have blocked the transactions, but they decided against it and said they would take legal actions instead.

A Chinese blogger Chaojuin consulted all three token controllers of USDT, USDC, and BUSD

“I consulted USDT, USDC, and BSC for the first time. USDT was frozen. The CEO of USDC said that they wanted to go public legally and not frozen. BSC initially said that it was frozen, but after CZ Binance tweeted, Know that they are not frozen.”

Advertisement
coingape google news coingape google news
Investment disclaimer: The content reflects the author’s personal views and current market conditions. Please conduct your own research before investing in cryptocurrencies, as neither the author nor the publication is responsible for any financial losses.
Ad Disclosure: This site may feature sponsored content and affiliate links. All advertisements are clearly labeled, and ad partners have no influence over our editorial content.

Why Trust CoinGape

CoinGape has covered the cryptocurrency industry since 2017, aiming to provide informative insights Read more…to our readers. Our journal analysts bring years of experience in market analysis and blockchain technology to ensure factual accuracy and balanced reporting. By following our Editorial Policy, our writers verify every source, fact-check each story, rely on reputable sources, and attribute quotes and media correctly. We also follow a rigorous Review Methodology when evaluating exchanges and tools. From emerging blockchain projects and coin launches to industry events and technical developments, we cover all facets of the digital asset space with unwavering commitment to timely, relevant information.

About Author
About Author
An engineering graduate, Prashant focuses on UK and Indian markets. As a crypto-journalist, his interests lie in blockchain technology adoption across emerging economies.
Investment disclaimer: The content reflects the author’s personal views and current market conditions. Please conduct your own research before investing in cryptocurrencies, as neither the author nor the publication is responsible for any financial losses.
Ad Disclosure: This site may feature sponsored content and affiliate links. All advertisements are clearly labeled, and ad partners have no influence over our editorial content.