A pretty serious hack of a Decentralized Finance (DeFi) Platform has resulted in more than $600 million in cryptocurrency being stolen. PolyNetworks is a platform that operates on the Binance Smart Chain, Ethereum, and Polygon Blockchains. As a good few of us know, it is extremely difficult to tamper or hack the blockchains. PolyNetworks is saying that the hackers managed to find a vulnerability in the system which they exploited.
The platform officially disclosed the hack on their official Twitter account last week (August 10, 2021), saying that it was attacked on all three of the blockchains, and are identifying three of the addresses where assets have been transferred.
The company has given the following statement.
We call on miners of affected blockchain and crypto exchanges to blacklist tokens coming from the above addresses. After preliminary investigation, we located the cause of the vulnerability. The hacker exploited a vulnerability between contract calls; exploit was not caused by the single keeper as rumored.
PolyNetwork has also tweeted an open letter to the attacker:
Some people are calling the hacker(s) a Robin Hood-like figure, and in fact, the majority of dark web hackers usually always enjoy the Robin Hood status due to them targeting big corporations and donating to charities or leaking classified data on the government and public figure corruption.
Cyberattacks and Cryptocurrencies
While this hack has been reported as one of the largest cryptocurrency heists so far to date, the PolyNetworks attack is merely one of the latest in a string of fraud and theft cases in the DeFi sector.
A report from the Crypto Intelligence Company called CipherTrace is saying that the losses from the DeFi sector hit an all-time high in just the first seven months of this year alone, with a little over $350 million in criminal losses from January to just July.
A lot of Cybersecurity Professionals see the blockchain as a big benefit for security, yet at the same time, cybercriminals and attacks are becoming more sophisticated all the time.
Just in 2019, the cryptocurrency exchange named CoinBase suspended trading on Ethereum Classic after attackers managed to obtain almost $500,000 worth of cryptocurrency in the attack.
I also believe that there is a double-edged sword of blockchain. This is when it comes to the increasing cyberattacks happening around the world. While the technology can be used as a good preventative measure against cyberattacks, it can also be used by cybercriminals in attacks outside of cryptocurrency theft.
The very bad news is that blockchain technology might prove to be the missing link in the full automation of ransomware attacks. Cybercriminals have already made efforts in automating the process of customizing and selling ransomware.