Fun

News Feed - 2023-07-03 01:07:24

Martin Young4 hours agoPoly Network urges users to withdraw after exploit affects 57 crypto assetsThe Poly Network has been exploited again, this time due to compromised private keys, according to blockchain security firm Dedaub.3970 Total views7 Total sharesListen to article 0:00NewsJoin us on social networksFurther details are coming to light following a July 2 attack on cross-chain bridge platform Poly Network, with a hacker being able to issue billions of tokens out of thin air for profit.


In a July 2 tweet, Poly Network confirmed it became the latest decentralized finance (DeFi) exploit victim after attackers managed to manipulate a smart contract function on the cross-chain bridge protocol, adding it will be temporarily suspending services.


In the most recent update, the team revealed that the exploit affected 57 crypto assets on 10 blockchains, including Ethereum, BNB Chain, Polygon, Avalanche, Heco, OKX and Metis.


It did not specify how much was stolen in the attack, but PeckShield earlier reported that the exploiter had transferred out at least $5 million worth of crypto.Tokens transferred out of Poly Network. Source:Twitter/PeckShield


“We have already initiated communication with centralized exchanges and law enforcement agencies and sought their assistance,” the team stated in a July 3 update.


It also advised project teams and tokenholders to withdraw liquidity and unlock their liquidity provider tokens.’34 billion’ Poly Network hack breakdown


DeFi security analyst Arhat said the exploit resulted from a smart contract vulnerability that allowed the hacker to “craft a malicious parameter containing a fake validator signature and block header.”


This was accepted by the smart contract, enabling the hacker to bypass the verification process and allowing them to issue tokens from Poly Network’s Ethereum pool to their own address on other chains, such as Metis, BNB Chain, and Polygon.


The process was repeated for other chains enabling the token stash to pile up.


At one point, the hacker’s wallet held around $42 billion worth of tokens, but they were only able to convert and steal a fraction of them, said the analyst.“This way, the hacker was able to mint billions of tokens on various blockchains that did not exist before and transfer them to their own wallet addresses.”


Blockchain security solutions provider Dedaub dubbed the latest Poly Network exploit the “34 billion Poly Network hack.”Getting to the bottom of the "34 billion" Poly network hack with a technical postmortem.

TL ; DR

Poly network had a simple 3 of 4 multisig arrangement over 2 years!

Looking at the final event we found that the private keys to the addresses marked were compromised. pic.twitter.com/Y0eMJXcYso— Dedaub (@dedaub) July 2, 2023


Dedaub noted weaknesses in the protocol’s multisig, stating that it had a simple “3 of 4” multisignature arrangement over two years, adding:“Looking at the final event we found that the private keys to the addresses marked were compromised.”


Dedaub explained that the attack wasn’t complex, as no logic bugs were exploited. It added that Poly Network took seven hours to respond, which cost the platform $5.5 million in stolen crypto. Luckily, a lack of liquidity in many of the tokens prevented further losses.


Related:Over $204M lost to DeFi hacks and scams in Q2


Following the attack, Binance CEO, Changpeng Zhao reassured customers, stating that “This does not affect Binance users. We do not support deposits from this network.”Poly Network got rekt again; allegedly because of compromised hot keys.

It"s going to keep happening untill our industry changes our approach to security.

Smart contract audits only scratch the surface.

ps Poly network has NOTHING to do with Polygon. https://t.co/n1qI48b4Kb— Mudit Gupta (@Mudit__Gupta) July 2, 2023


Cointelegraph reached out to Poly Network for further details but received no response by publication.


In August 2021, the Poly Network was attacked in one of the industry’s largest-ever exploits. Hackers — later revealed to be linked with North Korean hacking collective, the Lazarus Group — made off with over $600 million.


Magazine: Tornado Cash 2.0: The race to build safe and legal coin mixers# Smart Contracts# Hackers# Hacks# DeFiAdd reactionAdd reactionRelated NewsHow to check an Ethereum transactionCybernetic organizations — BORGs — are doomed to failBinance caves to pressure over coin listings, scoring a win for privacyAttacker drains $800K from DeFi protocol Sturdy FinanceDeFi protocol Sturdy Finance offers $100K bounty to hacker if funds are returnedHashflow assures users will be made whole following $600K exploit

News Feed
A return to $50K? 5 Things to know in Bitcoin this week
William Suberg9 minutes agoA return to $50K? 5 Things to know in Bitcoin this weekBTC price performance is getting Bitcoin traders ready for a retest of lower support levels in the short term.106 Total viewsListen to art
2024-08-19 17:50 PM
Ethereum Could Be Mirroring Bitcoin’s 2018-2021 Cycle Amid Record Selling
Reason to trust Strict editorial policy that focuses on accuracy, relevance, and impartiality Created by industry experts and meticulously reviewed The highest standards in reporting and pu
2025-03-15 03:30 AM
Ethereum DApp volumes drop 33% in a week — Is more ETH price weakness ahead?
Marcel Pechman2 hours agoEthereum DApp volumes drop 33% in a week — Is more ETH price weakness ahead?Ethereum’s dominance in decentralized application deposits compensates for the reduced onchain volumes, but what ab
2024-08-20 06:30 AM
Crypto hack losses hit $19B, Terraform Labs shuts down: Finance Redefined
Prashant Jha4 hours agoCrypto hack losses hit $19B, Terraform Labs shuts down: Finance RedefinedNearly $19 billion worth of digital assets have been lost to exploits in the past 13 years, with $2.9 billion stolen in the
2024-06-15 04:25 AM
‘World War III Has Begun,’ Says Gerald Celente; Plus, Long-Term BTC Predictions and Scorching US Inflation — Bitcoin.com News Week in Review
"World War III Has Begun," Says Gerald Celente; Plus, Long-Term BTC Predictions and Scorching US Inflation — Bitcoin.com News Week in Review Trend forecaster Gerald Celente told
2022-07-17 21:00 PM
Poloniex, Bittrex Named in Lawsuit Involving the Alleged Tether-Fueled Crypto Pump
Poloniex, Bittrex Named in Lawsuit Involving the Alleged Tether-Fueled Crypto PumpOn April 3, the cryptocurrency community learned about 11 class-action lawsuits against various exe
2020-06-09 08:58 AM
Tom Blackstone5 hours agoCircle launches native euro stablecoin on StellarThe EURC stablecoin (formerly EUROC) is now available on Stellar in addition to Ethereum and Avalanche.921 Total views9 Total sharesNewsJoin us on
2023-09-27 03:48 AM
Turner Wright3 hours agoNo ‘mass exodus of funds’ following Binance-DOJ settlement — NansenRoughly 24 hours following the announcement of a settlement with U.S. officials, Nansen reported Binance’s total holdings
2023-11-23 05:33 AM
XRP Price Prediction: Analysts Turn Bullish As ‘Something Big Is Coming’, Here’s What
Este artículo también está disponible en español. Crypto analysts Amonyx and Egrag Cryptohave provided a bullish outlook for the XRP price with “something big” on the
2024-10-18 09:00 AM
Uzbekistan to Create National Mining Pool, Launch Licensed Exchange
Uzbekistan to Create National Mining Pool, Launch Licensed Exchange Establishing a “national mining pool” has been declared a priority in Uzbekistan. Miners who join
2020-01-16 14:20 PM
Tokenized Bitcoin in Circulation Nears a Half Million BTC, Bitcoin-Pegged Token Value Exceeds $21 Billion
Tokenized Bitcoin in Circulation Nears a Half Million BTC, Bitcoin-Pegged Token Value Exceeds $21 Billion According to data recorded on December 28, there’s approximately 43
2021-12-29 02:00 AM
Coinbase adds former Bill Clinton aide, Supreme Court lawyer to board
Brayden Lindrea3 hours agoCoinbase adds former Bill Clinton aide, Supreme Court lawyer to boardTwo of the new Coinbase directors have previously served under US presidents, while the other has extensive experience in the
2024-07-26 14:01 PM