$610 Million Defi Hack: Why didn’t Binance and Circle Freeze Hacker Account?

By Prashant Jha
Published August 11, 2021 Updated August 11, 2021
Best Buy In

DeFi Platform

Exchanges

Wallet

Hack

$610 Million Defi Hack: Why didn’t Binance and Circle Freeze Hacker Account?

By Prashant Jha
Published August 11, 2021 Updated August 11, 2021

Poly Network became the victim of the largest Defi hack in crypto history as hackers managed to drain $610 million worth of assets on Binance Smart Chain (BSC), Ethereum (ETH), and Polygon. As per the latest development, the hacker behind the attack has agreed to return the fund and has demanded a secure multi-sig wallet from the Poly Network.

A total of $610 million were stolen out of which $266,5 million were sent to an ETH address, $252 million were sent to a BSC address, and $85 million to Polygon address.

Poly Network
Source: PolyNetwork

SlowMist, a blockchain analytic firm that managed to get hold of the hacker’s IP address and digital fingerprint discovered that the hacker’s initial source of funds was Monero (XMR), and then changed to BNB/ETH/MATIC and other coins in the exchange and withdrew the coins to 3 addresses. The forensic group summarised the attack as

“This attack is mainly because the keeper of the EthCrossChainData contract can be modified by the EthCrossChainManager contract, and the verifyHeaderAndExecuteTx function of the EthCrossChainManager contract can execute the data passed in by the user through the _executeCrossChainTx function. Therefore, the attacker uses this function to pass in carefully constructed data to modify the keeper of the EthCrossChainData contract.

The hacker claimed the attack would have been in billion had he decided to rug remaining “Shitcoins” as well. He also took a pot-shot at the protocol developers saying,

“WHAT IF I MAKE A NEW TOKEN AND LET THE DAO DECIDE WHERE THE TOKENS GO”

Ether Scan
Source: EtherScan

Tether Froze Hacker’s USDT Account, But Circle and Binance Didn’t

As soon as the hack was discovered, Poly Network requested all exchanges and miners to red-flag transactions initiating out of the mentioned hacked accounts. Tether was quick to the job and froze $33 million worth of USDT almost immediately. However, a majority of the funds were on the BSC network which many believe didn’t take appropriate steps to block the transactions.

One reason that Binance didn’t freeze BUSD transactions is that the native stablecoin cannot be frozen by anyone on the BSC network. However, Circle could still have blocked the transactions, but they decided against it and said they would take legal actions instead.

A Chinese blogger Chaojuin consulted all three token controllers of USDT, USDC, and BUSD

“I consulted USDT, USDC, and BSC for the first time. USDT was frozen. The CEO of USDC said that they wanted to go public legally and not frozen. BSC initially said that it was frozen, but after CZ Binance tweeted, Know that they are not frozen.”

advertisement

Disclaimer
The presented content may include the personal opinion of the author and is subject to market condition. Do your market research before investing in cryptocurrencies. The author or the publication does not hold any responsibility for your personal financial loss.
About Author
Prashant Jha
1090 Articles
An engineering graduate, Prashant focuses on UK and Indian markets. As a crypto-journalist, his interests lie in blockchain technology adoption across emerging economies.

Loading Next Story