Poly Network Falls Prey to Multi-Billion-Dollar Exploit

Perpetrators have exploited the Poly Network, a prominent cross-chain transport protocol, initiating the illicit creation of assets reported to be worth approximately $34 billion across various chains. The event underlines the persistent vulnerabilities that continue to challenge the rapidly evolving landscape of blockchain security.

Exploitation of Metis, Ethereum’s Layer Two Network

The lion’s share of these manipulated assets were found to reside on Metis, a Layer Two Network built on the Ethereum blockchain. That highlights the reality that even advanced Ethereum layers, acclaimed for their sophistication, are not immune to security breaches.

Nevertheless, it’s crucial to note that while the hackers have reportedly minted billions in diverse tokens, their actual liquidation capacity could be significantly less.

As the market was thrown into turmoil on that fateful Sunday morning, the DAO  of Metis stated that liquidity is insufficient to sell off the freshly minted BNB and BUSD tokens. The large-scale security breach, despite its shocking magnitude, did not succeed in shaking the confidence of Metis Andromeda users. The DAO moved swiftly to quell panic, assuring users of the security of their funds.

Additionally, the DAO reported, “All fraudulently minted METIS tokens from PolyBridge are securely locked on BNBChain by PolyNetwork, suffering from limited liquidity.”

Binance’s Reaction and Assistance

The event sparked widespread reactions. Changpeng Zhao, CEO of Binance, clarified that the incident hadn’t impacted the exchange. The reason? Binance doesn’t accept deposits from the Poly Network. Nevertheless, Zhao mentioned that Binance’s security team actively assists Poly Network in the ongoing investigation.

As chaos ensued, Poly Network, Metis, and other affected entities were racing against time, striving to freeze the illegally minted assets. In this high-stakes cat-and-mouse game, hackers were seen hastily trying to liquidate as much as possible. Blockchain analytics firm LookOnChain reported that various assets were exchanged for Ethereum to maintain liquidity.

A Deja Vu for Poly Network

Regrettably, this recent attack isn’t an isolated event in Poly Network’s history. A comparable exploit occurred in August 2021, where malefactors shifted $610 million worth of digital assets to wallets under their control.

In response, the Poly Network team reached out to exchanges and miners for assistance in tracing and freezing the stolen tokens. Industry players halted the asset flow as a united front, with Tether freezing $33 million worth of USDT.

 A Call for Return of Stolen Tokens

Following the 2021 attack, the Poly team appealed to the hackers publicly on Twitter, imploring them to return the stolen tokens. The tokens were returned within 15 days in a surprising turn of events.

Interestingly, six days post the initial breach; the perpetrators revealed that their motive was not outright theft. They professed that the intention was to expose the network’s vulnerabilities and contribute to enhancing Poly Network’s security.

This latest exploit, although daunting, could be an opportunity for the blockchain community to revisit its security protocols and strengthen the fortifications, ensuring a safer future for decentralized finance.

None of the information on this website is investment or financial advice and does not necessarily reflect the views of CryptoMode or the author. CryptoMode is not responsible for any financial losses sustained by acting on information provided on this website by its authors or clients. Always conduct your research before making financial commitments, especially with third-party reviews, presales, and other opportunities.