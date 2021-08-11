The Poly Network decentralized finance platform suffered a cyber attack: the amount of stolen money was defined “the largest in the history of decentralized finance“. Have been stolen the equivalent of over $ 610 million from cash funds.

In the announcement, reported on Twitter, it is specified that Poly Network is trying to get in touch with the attackers by trying to persuade them that collaborating with the company is better than continuing to transact with the stolen money.

“The money you stole is from tens of thousands of crypto community members, hence people“the press release closes.

Poly Network is a platform that aims to make the various blockchains underlying cryptocurrencies interoperable.

What are liquidity funds in the crypto sector

Liquidity funds in the crypto sector are funds that serve to ensure that whenever a user wants to sell or buy a certain amount of cryptocurrency there are sufficient funds to ensure that such an exchange takes place and that it is realized at a certain value.

Those who participate in liquidity funds obtain tokens in proportion to their contribution to the fund.

Whenever an exchange is facilitated by a liquidity fund, a small fee is transferred to whoever paid the money initially: being in possession of more tokens means being entitled to a greater share of that fee.

It is from this pool of cryptocurrencies that the perpetrators of the Poly network attack have withdrawn the money.

What was the attack

SlowMist, a research firm specializing in blockchain security services and which discovered the attack, explained in a post published on Medium that the vulnerability is linked to how the platform manages contracts and addresses that can regulate transactions and which, in a nutshell, can access liquidity funds.

By manipulating the contract data and changing the authorized address, the attackers were able to withdraw as many funds as possible. “After replacing the address that plays the role of custodian, the attacker can carry out a transaction at will and withdraw any amount of funds from the contract“summed up SlowMint.

The society he pointed out that based on the information that was gathered, the attack “it was long planned, organized and prepared“.

Ethereum has changed: commissions are more predictable. Why the update is so important Go to the deepening

The equivalent of $ 267 million in ether, the cryptocurrency based on the Ethereum blockchain, was stolen; more than $ 252 million in Binance Coin, used to pay fees on the Binance exchange platform, and $ 85 million in USD Coin tokens, a stablecoin linked to the US dollar.

The reactions

Binance CEO Changpeng Zhao wrote about Twitterthat “we are coordinating with security partners to proactively help“and specified that”there are no guarantees“.

Tether’s technological director, Paolo Ardoino, he saidblocking the US $ 33 million equivalent of the Tether stablecoin on the attacker’s address.