Stay up to date with notifications from The Independent

Notifications can be managed in browser preferences.

Hackers behind history’s biggest crypto heist return millions in loot claiming they only did it ‘for fun’

It was ‘always the plan’ to return the tokens, the purported hacker claimed, adding they were ‘not very interested in money’

Adam Smith
Friday 13 August 2021 13:47 BST
Comments
About $353 million of the stolen funds was still outstanding
About $353 million of the stolen funds was still outstanding (AFP via Getty Images)
Leer en Español

Hackers behind one of the biggest ever cryptocurrency heists have returned more than a third of $613m (£443m) in digital coins they stole.

Poly Network, a decentralised finance platform that facilitates peer-to-peer transactions, said on Twitter that $260m (£188m) of the stolen funds had been returned but that $353m (£255m) was outstanding.

The hackers exploited a vulnerability in the system which allowed them to move assets between different blockchains.

Blockchains are ledgers of financial activities on various cryptocurrencies are based, and each type of the virtual currency such as Ethereum and Bitcoin has its own blockchain.

A person claiming to have perpetrated the hack said they did it “for fun” and wanted to "expose the vulnerability" before others could exploit it, according to digital messages shared by Elliptic, crypto tracking firm, and Chainalysis.

It was “always the plan” to return the tokens, the purported hacker wrote, adding: “I am not very interested in money.”

In a Q&A posted in the Ethereum blockchain, the hacker claimed that they did not want to cause a “real panic [in] the crypto-world”, so they only took “important coins” – hence why they targeted bitcoin and Ethereum, rather than Dogecoin.

The hackers or hacker have not been identified, and the authenticity of the messages has not been confirmed.

Tom Robinson, co-founder of Elliptic, said the decision to return the money could have been prompted by the headaches of laundering stolen crypto on such a scale.

An executive from cryptocurrency firm Tether said on Twitter the company had frozen $33m (£24m) connected with the hack, and executives at other crypto exchanges told Poly Network they would also try to help.

“Even if you can steal crypto assets, laundering them and cashing out is extremely difficult, due to the transparency of the blockchain and the broad use of blockchain analytics by financial institutions,” said Robinson.

Poly Network did not respond to requests for more details. It was not immediately clear where the platform is based, or whether any law enforcement agency was investigating the heist.

The size of the theft was comparable to the $530m (£383m) in digital coins stolen from Tokyo-based exchange Coincheck in 2018. The Mt. Gox exchange, also based in Tokyo, collapsed in 2014 after losing half a billion dollars in bitcoin.

The Poly Network attack comes as losses from theft, hacks and fraud related to decentralised finance (DeFi) hit an all-time high, according to crypto intelligence company CipherTrace.

At $600m (£434m), however, the Poly Network theft far outstripped the $474 million in criminal losses CipherTrace said were registered by the entire DeFi sector from January to July. The thefts illustrated risks of the mostly unregulated sector and may attract the attention of regulators.

The theft comes as Bitcoin’s price has increased 50 per cent over the last three weeks.

The recovery to above $46,000 (£33,000) has left cryptocurrency analysts divided over which way the digital coin will go – with two polarising theories setting it towards new all-time highs before the end of 2021, or on the brink of imminent collapse.

Additional reporting by Reuters

Join our commenting forum

Join thought-provoking conversations, follow other Independent readers and see their replies

Comments

Thank you for registering

Please refresh the page or navigate to another page on the site to be automatically logged inPlease refresh your browser to be logged in