Poly Network Hacker Minted $42 Billion Tokens on Multiple Chains

The blockchain gaming industry was rocked by news over the weekend that Poly Network, a cross-chain bridge protocol, was once again a victim of a massive financial exploit. This marks the second multi-million dollar theft in two years for the protocol.

3z3 Labs Founder “Arhat” conducted an analysis regarding the hacked funds. He concluded that the attacker utilized a vulnerability within the protocol’s smart contracts, producing forged parameters to access the cross chain manager contracts and mint billions of fraudulent tokens.

The hacker’s wallet briefly held an incomprehensible $42 billion worth of tokens, a figure PeckShield comfirmed. To make matters worse, tokens included in the manipulated minting included 10 billion BUSD on Metis and 100 trillion SHIB on Heco. Unfortunately, the lack of liquidity for said tokens, drastically reduced the hacker’s ability to cash out.

So far, the attacker has only been able to exchange around $5 million of their crypto assets within decentralized markets like Uniswap and PancakeSwap. On Sunday, the PolyNetwork team switched off their services to safeguard their users’ funds, encouraging members to retrieve transactions and unlock their locked packages.

The hack mirrored an opposing backdrop unwinding in 2021 which saw Poly Network suffer a $600 million loss that was characterized as one of the greatest DeFi heists of all time. Remarkably, the attacker returned all of the stolen Cryptocurrency following the decision of the team to award a $500k white hat bounty.