Attacker Siphons $10 Million in Crypto From Poly Network – Here's What Happened

cryptonews.com:

A hacker exploited the Poly Network over the weekend and swapped out nearly $10 million in ETH, security firm Beosin revealed.

Poly Network confirmed via Tweet on July 2nd that it became the latest victim of a DeFi exploit, enabling the hacker to mint $34 billion worth of crypto.

Poly Network, a cross-chain bridge that facilitates asset transfers across different blockchains, announced to temporarily suspend its services the following day after the hack occurred. 

The team behind the DeFi network revealed that the exploit allowed the hacker to mint 57 tokens across 10 blockchains, including Ethereum, BNB Chain, Metis, Polygon, Avalanche, Heco, and OKX.

The hacker’s wallet held over $42 billion worth of tokens following the hack on Sunday.

However, the hacker could not cash out the entire artificially minted stash because of lack of liquidity and security precautions. 

The hack that occurred on Poly Network could have resulted from a theft of private keys used in the platform’s main smart contract, as per security analysts at Beosin and Dedaub.  

The security analysts don’t think that the exploit happened because of a specific vulnerability within the contract’s logic. 

The private keys for three out of the four admin wallets, which power the network’s main smart contract, were compromised, security firm alleged. 

The Poly Network team has not provided clarity on these claims yet. 

The team behind the DeFi network revealed that it was actively working with centralized exchanges and law enforcement agencies to identify the perpetrator and recover the funds as it announced to suspend its services temporarily.

Following the Poly Network hack, Binance CEO, Changpeng Zhao reassured customers it does not affect Binance users. The exchange