If you are unfamiliar with Poly Network, it is a China-based decentralized finance (DeFi) platform. The company says a threat actors “exploited vulnerability” to gain access to systems and assign themselves as owners of money moving through the platform. Specifically, the attackers leveraged a flaw in the “_executeCrossChainTx”. This is a function that handles interoperability communication between blockchains. “The attacker use this function to pass in carefully constructed data to modify the keeper of the EthCrossChainData contract,” Poly Network stated.
— Poly Network (@PolyNetwork2) August 10, 2021 While Poly is not saying how much was taken, but reports suggest $611 million was stolen in digital tokens. These are representations of the crypto asset that sit in the blockchain. Tokens are associated like coins in the blockchain. In terms of this breach, BowsCoin (BSC) and Ethereum (ETH) tokens were taken.
Confirmation
On Twitter, Poly Network confirmed the attack with the following post: “We are sorry to announce that #PolyNetwork was attacked on @BinanceChain @ethereum and @0xPolygon Assets had been transferred to hacker’s following addresses: ETH: 0xC8a65Fadf0e0dDAf421F28FEAb69Bf6E2E589963 BSC: 0x0D6e286A7cfD25E0c01fEe9756765D8033B32C71.” The company says cryptocurrency miners to blacklist any tokens coming from the addresses listed in the tweet. Now Poly is taking legal action to find and prosecute the hackers. It urged the group to return the tokens, with over 340 million given back so far (at time of writing).
The remaining is $268M on Ethereum — Poly Network (@PolyNetwork2) August 12, 2021 Tip of the day: By default, the most used apps group in your start menu shows the six most frequently used apps. However, you can customize your Windows 10 Start Menu to exclude certain apps from the list or get rid of the most used apps section entirely.