Share this article
Poly Network Hacker Starts to Return Drained Funds
The hacker sent millions of dollars back.
Updated Sep 14, 2021, 1:38 p.m. Published Aug 11, 2021, 9:36 a.m.
An address associated with the hacker who drained Poly Network of potentially hundreds of millions of dollars on Tuesday has started to return the funds.
STORY CONTINUES BELOW
Don't miss another story.Subscribe to the Crypto Daybook Americas Newsletter today. See all newsletters
- The hacker's Polygon address sent $10,000 in USDC to a wallet set up by Poly Network at 8:46 UTC on Wednesday, before sending another $1 million 15 minutes later, PolygonScan, a tool that enables searches for transactions on the Polygon blockchain, shows.
- The Poly Network is a computer network that allows users to transfer digital tokens from blockchain to another one.
- The hacker also returned $1.1 million in BTCB on Binance Smart Chain at 9:49 UTC.
- On the Ethereum blockchain, the hacker returned $622,000 in fei at 10:54 UTC and a little over $2 million in shiba inu five minutes later.
- When Poly Network announced the hack and the associated wallet addresses, the accounts held over $600 million in various cryptocurrencies. Less than $400 million remained by the time the hacker said he was ready to return the funds.
- Before starting the return, the hacker embedded a message in a transaction with himself: "ACCEPT DONATIONS TO "THE HIDDEN SIGNER" NOW. ENCRYPT YOUR MSG WITH HIS PUBKEY."
- The hacker has been embedding messages to transactions with his own addresses to communicate with the world. Dozens of people have used the same method to ask for handouts.
- Earlier Wednesday, the hacker used the same approach to say he was ready to return the funds. He then said he was unable to get in touch with Poly Network and asked for multisignature wallets.
- Poly Network, which had been calling for the funds' return, prepared wallets on Ethereum, Binance Smart Chain and Polygon, the three blockchains the hacker has been using.
- O3 Labs, a Tokyo-based blockchain developer associated with Poly Network's affiliate Neo, said the hacker might be a so-called "white-hat" hacker. Returning the funds indicates the hacker wasn't after his own gain, like a so-called "black-hat" hacker, but wanted to expose vulnerabilities to make the project more robust.
- The attack took advantage of a bug within Poly Network's cross-chain smart contract, security company SlowMist said.
UPDATE (AUG 11, 10:24 UTC): Adds details about the hacker's behavior.
UPDATE (AUG 11, 11:20 UTC): Adds funds returned on Ethereum.
More For You
What to know:
- As of October 2025, GoPlus has generated $4.7M in total revenue across its product lines. The GoPlus App is the primary revenue driver, contributing $2.5M (approx. 53%), followed by the SafeToken Protocol at $1.7M.
- GoPlus Intelligence's Token Security API averaged 717 million monthly calls year-to-date in 2025 , with a peak of nearly 1 billion calls in February 2025. Total blockchain-level requests, including transaction simulations, averaged an additional 350 million per month.
- Since its January 2025 launch , the $GPS token has registered over $5B in total spot volume and $10B in derivatives volume in 2025. Monthly spot volume peaked in March 2025 at over $1.1B , while derivatives volume peaked the same month at over $4B.
More For You
DOT Sinks 2% After Breaking Key Support
The Polkadot token erased earlier gains amid elevated volume, falling from a high of $2.09 to $1.97.
What to know:
- DOT collapsed through ascending trendline support around the $2.05 level on a massive 284% volume surge.
- The token broke decisively below the support level to trade 2% lower over the last 24 hours.
Top Stories
