Poly Network Attacker Threatens to Delay Return of Funds

18 August 2021

The hacker who carried out a $600 million-plus exploit on the blockchain protocol Poly Network has threatened to delay the full return of funds until at least next week.

“YOUR ESSAYS ARE VERY CONVINCING WHILE YOUR ACTIONS ARE SHOWING YOUR DISTRUST, WHAT A FUNNY GAME,” the attacker, identified on the blockchain-tracking website Etherscan as “Poly Network Exploiter 1,” wrote Wednesday in a transaction data field on the Ethereum blockchain. 

The saga has already dragged into its second week, as executives behind the project plead with the attacker to return the looted funds from the Aug. 10 attack. They have created a destination account for the return of the funds, but it requires multiple signatures to unlock the funds, and the attacker’s cooperation is needed.


In what appeared to be a reply, a subsequent message posted on Ethereum and signed “Poly Network Team” said that “we still hope you can provide the key to us this week, because thousands of users are waiting to get their assets back.”

“The sooner the asset recovery can be carried out, the more negative emotions will be avoided,” the message read. “We are unlikely to get a proper rest until we fully return the user assets.”

The Polygon Network negotiators have referred to the attacker as “Mr. White Hat” – ostensibly a reference to a  “white hat” attacker who tries to exploit vulnerabilities in a protocol to help expose and ultimately fix bugs or loopholes in the underlying code. 

Bounty paid in ETH?

They have also promised to send the attacker a $500,000 bounty for helping to identify a vulnerability in the protocol.

And in the message on Wednesday, the Poly Network Team address wrote that “we still decided to go ahead and transfer 160 ETH” to an address associated with the attacker. The dollar equivalent of 160 units of ether (ETH) works out to roughly $500,000. 

But as of press time, CoinDesk could not independently confirm that such a transfer had been made. 

Poly Network officials didn’t immediately reply to a request for comment on the latest blockchain banter. 

The transparency of blockchain data has turned the back-and-forth negotiations between the attacker and Poly Network’s staff into a surprisingly suspenseful drama playing out in public.

As reported previously by CoinDesk, cryptocurrency users have sent dozens of complimentary messages to the attacker pleading for a share of the loot, and some of them have even used the Ethereum blockchain to send small increments of cryptocurrency as tips. 

The leader in news and information on cryptocurrency, digital assets and the future of money, CoinDesk is a media outlet that strives for the highest journalistic standards and abides by a strict set of editorial policies. CoinDesk is an independent operating subsidiary of Digital Currency Group, which invests in cryptocurrencies and blockchain startups.