Crypto Hackers Start Returning Stolen Tokens—With $600 Million Still Missing After Massive Heist

Crypto Hackers Start Returning Stolen Tokens—With $600 Million Still Missing After Massive Heist


In an unusual twist for the one of the largest cryptocurrency heists ever, hackers who stole more than $600 million in tokens from blockchain-based platform Poly Network have apparently started sending back small amounts of the stolen funds, according to publicly documented data confirmed to show the transactions early Wednesday morning.

Key Facts

Transactions publicly stored on the blockchain show an address belonging to Poly's hacker returned nearly $4.8 million in assets through three separate transactions early Wednesday.

So far, Poly, a player in the booming decentralized finance space, confirmed it's received about $2.7 million in ether, and just over $1 million each on blockchain networks Binance Smart Chain and Polygon—meaning about $600 million in stolen funds have yet to be retrieved.

In a separate transaction earlier Wednesday, the hacker address sent a small amount of ether to Poly with a note reading: "READY TO RETURN THE FUND!"

The reversal comes after Poly demanded in a string of tweets that the hacker start returning the funds to three cryptocurrency wallet addresses, at one point saying the money stolen belonged to "tens of thousands of crypto community members."

In an email to Forbes, Tom Robinson, the chief scientist at blockchain analytics company Elliptic, confirmed the transactions and said he thinks the hacker beginning to return the funds "demonstrates that even if you can steal cryptoassets, laundering them and cashing out is extremely difficult due to the transparency of the blockchain."

Key Background

Tuesday's hack on Poly marks one of the biggest hacks in cryptocurrency history and is even bigger than the $460 million hack on cryptocurrency exchange Mt. Gox that led to the company’s bankruptcy and heightened regulation in the nascent space about seven years ago. Shortly after the Tuesday morning exploit, Poly urged cryptocurrency miners and exchanges to "blacklist" tokens coming from the hacker's addresses, and many soon heeded the call. Executives at some of the world's largest cryptocurrency exchanges—including Huboi, OKEx and Binance—said they were monitoring their platforms for any activity by the hacker. Changpeng Zhao, Binance's billionaire CEO, said the company, which serves as the primary operator of the blockchain on which binance coins are built, would coordinate with its security partners and “do as much as [it] can” to help. Meanwhile, Jay Hao, the CEO of cryptocurrency exchange OKEx, said the company is “watching the flow of coins and will do [its] best to manage the situation.”

What To Watch For

Legal action—and potential regulation—stemming from the hack. Less than a week ago, SEC Chairman Gary Gensler said booming decentralized finance platforms, also known as DeFi, deserve more government scrutiny and likened the space to the "Wild West." According to crypto intelligence firm CipherTrace, more than 75% of cryptocurrency hacks this year have been linked to DeFi.

Big Number

$103 billion. That’s the current market value of all decentralized finance tokens (like Polygon), according to cryptodata website CoinGecko. The space shot past a $100 billion valuation for the first time ever this year and peaked at about $150 billion in May before the broader crypto market crashed nearly 50%.


Subscribe to get our top stories