enes

Back to blog

Poly Network hack: the largest DeFi hack to date. How to monitor the funds?

By:

loading

SCORECHAIN

Date: August 12th 2021

Published on: Investigation

Tags:

DeFi, Hack, How to,

Poly Network hack: the largest DeFi hack to date. How to monitor the funds?

  • Poly Network hack is said to be the largest one in DeFi history.
  • After establishing communication with the hacker, Poly Network started to receive some of the stolen funds back.
  • In such cases, blockchain analytics tools are very useful to track and monitor the coins.

What is Poly Network?

First, Poly Network is a cross-chain protocol acting as a bridge on the Ethereum, Binance, and Polygon blockchains. And, it allows users to transfer funds from one blockchain to another.

However, on Tuesday 10, 2021, it announced1 on its Twitter account that a hacker struck the 3 chains in a row, namely Ethereum, Binance, and Polygon blockchains stealing large amounts of funds.

The Poly Network hack is said to be the largest one in the (DeFi) industry. Indeed, the hacker ran off with around $610 million in various cryptocurrencies including ETH, and tokens such as DAI or USDT for instance.

Polynetwork hack: what we know

Poly Network team was able to identify three wallet addresses belonging to the hacker and reported them on Twitter:

  • ETH: 0xC8a65Fadf0e0dDAf421F28FEAb69Bf6E2E589963
  • BSC: 0x0D6e286A7cfD25E0c01fEe9756765D8033B32C71
  • Polygon: 0x5dc3603C9D42Ff184153a8a9094a73d461663214

After a preliminary investigation from Poly Network2, the hacker was able to take advantage of a vulnerability between contract calls.

Poly Network urged crypto platforms to blacklist tokens coming from the addresses above. Accordingly, Tether froze an equivalent of $33 million in USDT on the Ethereum chain3.

Also, the team also started communication with the hacker asking to return the funds4 and providing a return address: 0x71Fb9dB587F6d47Ac8192Cd76110E05B8fd2142f5. After leaving several transaction messages, it seems that the hacker started to send back some of the stolen funds from Polygon Network6. For example, on a screenshot posted on their Twitter account, we can read the transaction message: “You are moving things to the right direction. We received 1+M USDC on Polygon.”

As of August 12, PolyNetwork published7 on their Twitter account that the hacker, called Mr. White Hat by Poly team, transferred all the funds, except the frozen USDT, to Poly Network on a multisig wallet jointly controlled by the two. To finish the fund recovery process, Poly Network keeps communicating with the hacker to receive the final key.

This hack is the latest targeting the DeFi sector. It often suffers from attacks and exploits due to its increasing popularity in the past few months. Therefore, compliance officers dealing with cryptocurrencies should be cautious about such funds to remain compliant.

How to monitor the funds from Poly Network hack?

As with every hack, Scorechain takes prompt action to red flag the related addresses. Firstly, Scorechain flagged the address related to the Poly Network hacker on its Ethereum Platform:

  • 0xC8a65Fadf0e0dDAf421F28FEAb69Bf6E2E589963

Accordingly, the address is flagged as “Hack” and has the lowest score of 1.

Also, with Scorechain crypto compliance software, users can easily track the destination of the funds related to this hack. Scorechain users can also use risk indicators to be notified if an address has interacted with the funds. If this is the case, the risk indicator “Hack” will be triggered if it has been set beforehand by the user.

Then, users can also set up alerts to monitor the funds in real-time and take prompt appropriate measures if necessary. On Scorechain Ethereum platform, users can select which coins they want to monitor. Also, they can define their custom conditions for the alert to be triggered.

Besides, Scorechain solution also comes with tools like the Case Manager, KYA/KYT reports, the Entity Directory that allows compliance officers to implement a comprehensive risk-based approach to crypto transaction monitoring.

Lately, several hackers targeted the DeFi sector. Of course, such funds have a very high money laundering risk and compliance officers should treat them carefully. Scorechain solution is an easy way to mitigate these risks and comply with crypto AML/CFT requirements worldwide.

So, don’t hesitate to reach out to get a demo and a free trial and discover how Scorechain can help your business to be compliant.

Request a free demo

About Scorechain

Scorechain is a Risk-AML software provider for cryptocurrencies and digital assets. As a leader in crypto compliance since 2015, the Luxembourgish company serves more than 100 customers in 37 countries, ranging from cryptocurrency businesses to financial institutions with crypto trading, custody branch, digital assets customers onboarding, audit and law firms and some LEAs.

Scorechain solution supports Bitcoin analytics with Lightning Network detection, Ethereum analytics with all ERC20 tokens and stablecoins, Litecoin, Bitcoin Cash, Dash, XRP Ledger and Tezos. The software can de-anonymize the Blockchain data and connect with sanction lists to provide a risk scoring on digital assets transactions, addresses and entities. The risk assessment methodology applied by Scorechain has been verified and can be fully customizable to fit all jurisdictions. 300+ risk-AML scenarios are provided to its customers with a wide range of risk indicators so businesses under the scope of the crypto regulation can report suspicious activity to authorities with enhanced due diligence.

References:

  1. https://twitter.com/PolyNetwork2/status/1425073987164381196
  2. https://twitter.com/PolyNetwork2/status/1425130017546149891
  3. https://twitter.com/paoloardoino/status/1425090760609832978
  4. https://twitter.com/PolyNetwork2/status/1425123153009803267
  5. https://twitter.com/PolyNetwork2/status/1425321860539949056
  6. https://twitter.com/PolyNetwork2/status/1425395278341820420
  7. https://twitter.com/PolyNetwork2/status/1425870262067548163