Crypto heist hacker: The hacker who stole $600m (£433m) worth of cryptocurrency has now returned most of the stolen assets.
On Thursday, the Poly Network confirmed on Twitter that $268 million worth of ether tokens has now been recovered.
In the past 24 hours, the hacker has returned $342 million worth of tokens across three cryptocurrencies.
The hacker posted several pages of notes to the blockchain, revealing why they had hacked the company and the offers the Poly Network had made to them.
In a twist of concern to some cybersecurity experts, the hacker claimed that the company offered to pay $500,000 if they promised to return the stolen property, as well as offering immunity from prosecution.
However, the hacker said they did not accept the offer.
As of Thursday evening, the Poly Network had posted an update stating that most of the remaining assets held by the hacker had been transferred to a digital wallet controlled jointly by the hacker and the company.
But some money is still outstanding.
“The hacker still has $33.4 million worth of stolen tether [tokens] because it was frozen by Tether,” Tom Robinson, co-founder of London-based blockchain analytics and compliance company Elliptic, told the BBC.
He said “other tokens worth a few thousand dollars” on the blockchain were still being held by the hacker.
However, these are either part of the stolen assets or donations that the hacker requested be sent on Thursday to pay compensation to customers who lost money due to the hack.
The outstanding money also includes a 13.37 ether tip ($40,000) sent by the hacker to a user who warned that the tether tokens had been frozen by their developer.
The Poly Network hack took place on Tuesday, with the blockchain site saying that hackers took advantage of a vulnerability in its system and took away thousands of digital tokens such as ether.
In a letter posted on Twitter, the company demanded of the robbers that “communication be established and the hacked assets returned”.
The anonymous hacker claimed to have carried out the exploit for fun and to encourage the cryptocurrency exchange firm Poly Network to improve its security.
Offer of immunity from prosecution
Poly Network said on Twitter that it was waiting for the repayment process to be completed, but that it was working with the hacker, whom the company named “Mr. White Hat”.
White hat hackers are ethical security researchers who use their skills for good to help companies detect security vulnerabilities.
This is how the Poly Network referred to the hacker in multiple public posts. The hacker alleges that they received a message from the company via the blockchain: “We believe your action is white hat behavior, so we plan to give you a $500,000 reward.”
The company added: “We assure you that you will be held accountable for this incident.”
The alleged move has angered some in the security world, who are concerned that it could serve as an example for criminal hackers to whitewash their actions.
Katie Paxton-Fear, a white hat hacker and lecturer at Manchester Metropolitan University, said, “Labeling this hack as a white hat is really frustrating.”
Ms. Paxton-Fear has found more than 30 vulnerabilities in organizations ranging from the U.S. Department of Defense (DOD) to Verizon Media.
“White hat hacking is about having a range, not touching certain systems, working with a team, writing professional reports outlining our research, not going beyond what we need to demonstrate risk,” she says.
“Our policy is ‘first, do no harm’, effective solutions are in place and do not endanger customer data.”
Charlie Steele, a partner at Forensic Risk Alliance and a former Department of Justice and FBI official, is also concerned about the alleged move by the Poly Network.
“Private companies have no authority to promise immunity from criminal prosecution,” he told the BBC.
“In this case the hacker stole $600 million ‘for fun’ and then returned most of it.