[UPDATE 2021.08.23]
As per the update provided by the Poly Network on 19 August 2021, assets worth approximately $427 million were returned by the hacker. The update further stated that 28,953 ETH and 1,032 WBTC (about $141 million) were still left in the ¾ multi-signature wallet and that Poly Network is waiting for the hacker to provide his private key authorization.
On 23 August 2021, Poly Network released another update announcing that the hacker has publicly shared the private key needed to regain control of the remaining assets through an on-chain message. The announcement stated that Poly Network has successfully retrieved the remaining $141 million and has fully recovered all the user assets that were transferred out during the attack.
This comes after Poly Network promised the hacker a $500,000 bounty for the restoration of user funds, inviting him to become its “chief security advisor.”
Poly Network after verifying the private key provided by the hacker regained control of the $610 million (not including the frozen $33 million USDT) in assets that were affected in this attack. With respect to the recovery of $33 million USDT, Poly Network stated that they have been in close communication with Tether and that “Tether is in the process of confirming the final unfreezing process” with them. Additionally, Poly Network thanked the hacker for his cooperation and stated that they had officially entered the fourth phase of their roadmap “Asset Recovery.” The Poly Network team is in the process of returning full asset control to their users as swiftly as possible.
As per the panelists of Merkle Science’s “Regulating the DeFi Frontier: Where Consumer Protection & Financial Innovation Collide” webinar, the Poly Network hack is a classic example of the situation where enforcement may arrive before regulation. The panelists noted that the collective action of the crypto industry such as blockchain analytics, blocking certain transactions, and adding the individual tokens to the black lists may have pushed the hackers to return the stolen amount
On 10 August 2021, the Poly Network was attacked by a hacker, losing over $600 million — the largest crypto hack since the Coincheck hack in 2018 — across the Ethereum, Binance Smart Chain, and Polygon blockchains. (The previous record The hack was initially rumored as a leak of the private key of a single keeper in the network but the Poly Network and others in the blockchain community have confirmed that the hacker exploited a smart contract vulnerability between contract calls.