Typically when we hear about a large-scale hack and ransom from an anonymous source, the funds disappear into the, well, ether never to be found ever again. It is a growing problem, especially among the cryptocurrency space where anonymity around the hackers and the funds themselves can help folks skulk off into the shadows with their loot. But not this time. In one of the weirdest hacking and ransom stories you will ever hear about, someone stole more than half a billion dollars from a cryptocurrency decentralized finance platform. And then they promptly returned every single penny of it.
A hacker(s) known only at this point as “Mr. White Hat” exploited vulnerabilities in the DeFi platform The Poly Network. The Poly Network is a part of a growing number of platforms that help link together ledgers in the cryptocurrency space, allowing for more seamless transactional between different chains. In doing so, they were able to walk away quickly with over $610 million dollars in assets. This led to the network freezing and, more than likely, a significant amount of panic considering the overwhelming nature of the assets taken.
But in a true cryptocurrency twist of our times, the panic likely didn’t last long. Poly Network was informed within 24 hours that Mr. White Hat would not be keeping a single penny of the heist. Instead, the plan all along was to return all of the funds. Within the first 24 hours, half of the stolen cryptocurrency was returned and as of this writing, the Poly Network had recovered all $610 million. Simply put, this just never happens. But apparently, the original goal of the hack wasn’t to walk off with millions and millions but rather to teach Poly (almost the hardest way possible) that their network was vulnerable. That their company funds were incredibly exploitable.
And the story gets even crazier from there. After Mr. White Hat left a message following the hack that said, in part, “That’s always the plan! I am _not_ very interested in money! I know it hurts when people are attacked, but shouldn’t they learn something from those hacks? “ didactically letting everyone know they were better than whatever securities Poly Network thought that they had in place around their cryptocurrency.
And Poly Network went even one step further after that. Not only were they not mad about it, they decided to hire Mr. White Hat on the spot. Poly offered Mr. White Hat a half a million-dollar bonus (presumably in cryptocurrency) for finding the bug that led to the hack and then offered the role of Chief Security Officer of the whole company. Now that is one hell of a way to write a resume and cover letter.
In the ever-growing world of cryptocurrency, hacks like this are bound to continue happening. But with more regulation around the economy, as well as the introduction of major financial institutions into the mix with an eye on the space, it is actually likely that security around exchanges and platforms continues to ramp up as well. There is simply too much money on the line to have this kind of thing continuing to happen. And maybe now some hackers will see a targeted attack on a company more along the lines of a job interview going forward.