Hacker Returns Bulk of the $612m Stolen from PolyNetwork, Refuses a $500k Bounty

The PolyNetwork hack, which is the largest DeFi hack ever, seems to be nearing the conclusion with the hacker returning almost all of the stolen funds. They have announced that they will not accept $500,000 offered as a bounty for finding and revealing the weak points in the network’s system.

The biggest and strangest DeFi hack ever

The PolyNetwork hack got a lot of publicity, and for a number of reasons. First, it happened only a few days ago, so it is still quite a fresh incident. Next, it is a massive one, with the hacker stealing $612 million in cryptocurrency. Also, it is the biggest hack that the DeFi sector has ever seen. Not to mention that it has an unusually chatty hacker, who was even willing to hold an AMA and respond to some of the crypto world’s burning questions through embedded messages in Ethereum transactions.

And finally, the hacker engaged in something that is very much not hacker-like behavior by returning most of the stolen funds.

Over the last few days, since the hack, the attacker has been revealing details of the hack, their reasons for it (it was a fun thing to do), and announcing their willingness to return the money. The hacker did have a bit of an issue with the Poly team, announcing that they did not appreciate the team’s initial response. But, they still returned the stolen money in portions.

For example, yesterday’s reports have revealed that, out of the $612 million that were lifted from the network, the hacker opted to return $258 million. Many associated this with the white hat behavior, and after the PolyNetwork’s team itself admitted that the hacker’s actions indeed constituted such behavior, the hacker decided to accept the extended olive tree branch, and return almost all of the money.

The only tokens that were not returned include roughly $33 million in Tether, which was frozen after the attack, and they now cannot be moved.

The hacker refuses their reward

It should be pointed out that it seems that the hacker did not plan to return the money after stealing it, but they still decided to do so after speaking to the team and the community about the incident. There was a mention of $500,000 offered to them as a bounty, which actually appears to be PolyNetwork’s idea, as they offered the money as a reward for pointing out the weaknesses in their systems. They also assured the attacker that they will not be held accountable for the incident, expressing their hope that the rest of the stolen tokens will be returned in exchange for a reward.

More precisely, the team offered to send the hacker, dubbed Mr. White Hat, $500,000 when they return the money. However, in one of the following messages, the hacker revealed the offer, also pointing out that they did not respond to the team. Instead, they decided to send the rest of the money back, and not accept the “reward.”

The refusal of the reward might mean anything. It might be possible that the hacker was honest when they said that this was never about the money, but simply for the challenge and the fun of stealing it. It might also be that they have concerns regarding the money that was promised, potentially fearing the possibility of being identified if they were to accept. Whatever the hacker’s reasons may be, the fact is that they returned everything other than the frozen USDT coins, and with that, the incident came to a conclusion.

Who was behind the attack?

The hacker’s identity still remains a mystery to the public, although this might not necessarily be the case when it comes to the PolyNetwork. Following the attack, China’s cybersecurity company, SlowMist, posted an update in which they claimed they have identified the hacker’s email address, IP, and device fingerprint.

If true, then the hacker may have also returned the money and refused the reward in order to keep their freedom. In any case, the incident was brought to a happy end, with PolyNetwork now being that much safer, and the stolen funds being once again in the project’s possession.