A cryptocurrency firm has taken an unusual approach to dealing with a hacker that stole from them: offering employment.
Poly Network had $610 million (£443 million) stolen from it last week in what was dubbed one of the biggest cryptocurrency heists ever.
However, after reaching out to the perpetrators on Twitter, the company said it was able to recover some of the stolen funds.
Poly Network is a decentralised finance platform that facilitates peer-to-peer transactions. It said on Twitter that $260 million of the stolen funds had been returned but that $353 million was outstanding.
The hackers exploited a vulnerability in the digital contracts Poly Network uses to move assets between different blockchains, according to blockchain forensics company Chainalysis.
But now the company has decided the hacker – known as ‘Mr White Hat’ – can keep a $500,000 (£363,000) bug bounty ‘reward’ for exposing the vulnerability.
Furthermore, it says it would like to offer the hacker a job as Chief Security Advisor.
In a blog post, the company said:
‘Mr. White Hat shared his concerns about Poly Network’s security and overall development strategy in a recent public dialogue.
‘The Poly team is actively working with organizations that are equipped to provide security solutions, with the aim of presenting the public with a robust and secure system that is fully prepared for Poly Network’s recovery and revamp.
‘However, a significant system upgrade such as this one is not something that can take place overnight. And so ensuring the safety of users’ assets and returning them as soon as possible with minimal restoration of system functionality and maximum protection of funds still continues to be the priority, because restoring normal operation on Poly Network is the essential foundation on which we can start conceiving a new future together. Thus, we sincerely hope Mr. White Hat can understand our appeal and continue to actively cooperate with us.
‘We are also counting on more experts like Mr. White Hat to be involved in the future development of Poly Network since we believe that we share the vision to build a secure and robust distributed system.
‘Also, to extend our thanks and encourage Mr. White Hat to continue contributing to security advancement in the blockchain world together with Poly Network, we cordially invite Mr. White Hat to be the Chief Security Advisor of Poly Network.’
Although the identity of Mr White Hat remains a mystery, it could be likely he or she is (as the name implies) a ‘white hat’ hacker more interested in the technical challenge than stealing the funds.
A person claiming to have perpetrated the hack said they did it ‘for fun’ and wanted to ‘expose the vulnerability’ before others could exploit it, according to digital messages shared by a crypto tracking firm called Elliptic and Chainalysis.
It was ‘always the plan’ to return the tokens, the purported hacker wrote, adding: ‘I am not very interested in money.’
The Poly Network attack comes as losses from theft, hacks and fraud related to decentralised finance (DeFi) hit an all-time high, according to crypto intelligence company CipherTrace.
MORE : Amazon quashes rumours it may start accepting Bitcoin payments
MORE : Cryptocurrency can help the millions who are ‘unbanked’
0 Commentaires