Just over half of the $600M stolen from Poly Network returned, hacker must input password to release the rest

More than $342 of the $600 million stolen in one of the biggest crypto exchange hacks in history has been returned to Poly Network customers, CNBC reported. The remaining $268 million of assets remains locked, however. To release the assets, both Poly and the hackers must provide passwords to access the respective account. This means the hacker could still make the funds inaccessible if they wished according to Tom Robinson, chief scientist of blockchain analytics firm Elliptic.

A Record Heist

Poly Network is a decentralized finance system that utilizes the blockchain to replicate trading, loans, and other conventional financial services. The system enables users to transfer tokens from one blockchain to another. The hacker took advantage of a vulnerability in Poly Network’s code and moved tokens to his own crypto wallets. As a result, Poly lost more than $610 million, calling the heist “the biggest in defi history.”

Just for fun?

The perpetrator claims they stole the assets “for fun” and never had any intention to keep them. They said they would “provide the final key when _everyone_ is ready” in a statement embedded in a digital currency transaction. They also claimed the exchange had offered them a reward of $500,000 to return the funds, which they rejected.

Stricter regulations will deter cybercriminals

Cryptocurrencies have so far been a boon to cybercriminals, who have specialized in ransomware attacks. These are where they steal data or lock down company or other systems and demand a ransom payment to restore access. The anonymity of transactions has made this possible. With stricter regulations, there are hopes at least some of these crimes will be deterred. What’s more, blockchain analysis makes it possible to trace the location of the funds.