1. Yesterday, a Cross Chain DeFi called Poly Network was hacked. This is currently the most expensive crypto security breach, as more than $600 million worth of crypto including stable coins such as USDT, USDC, BUSD, and DAI were stolen.
- Cryptocurrency is safe; How did it happen? Plain cryptocurrencies like Bitcoin are safe. Except for the 51% Attack, there is no other way to take it directly from the network. But in Smart Contract Blockchains including Ethereum, Since anyone can write smart contract code and upload it to the Blockchain, there are often security issues due to the vulnerability of that code.
- error-free code; Since there is no such thing as an error-free program, problems will arise in smart contracts from time to time. As with any other software project, you should ensure code reviews and try to reduce risk as much as possible. Recovery and Mitigation Procedures must be in place for what to do if it happens.
- If there is a problem due to the Smart Contract, the service using that Smart Contract will be affected. It does not affect the main Native Blockchain and Native Tokens.
- Cross Chain technology is an intermediary technology that allows assets in different Blockchains to be sent to each other. Normally, if the network is different, it cannot be transferred. Cross Chain technology means that the network on the other side connects the smart contract with the network on the other side.
2. The hacker transferred the stolen tokens to an Ethereum (ETH) wallet and a Binance Smart Chain (BSC) wallet. Note that blockchain transactions are public, so everyone can see this transfer.
3. Upon learning of this, Tether froze $33 million worth of stolen USDT. Therefore, as a hacker, you will no longer be able to extract and use these tokens. Circle and Binance do not freeze other stolen USDC and BUSD. The reason is not known for sure.
4. Poly Network has announced that it has discovered a stolen vulnerability. The hacker issued a letter to return the stolen tokens. "Give back what you took away" is the meaning.
- Actually, there is also a problem with hacking. Tokens can be stolen, but it's not easy to actually use them. His wallet address will be blacklisted by exchanges and miners. So either directly from his wallet address or It will be difficult to make money because the exchanges will not accept the assets that come out through or through. Miners will not be able to make transactions if they do not add their transactions.
- It's not impossible at all. Some DEXs designed to launder money are available as money go-to partners. They have also seen attempts to make friends like that.
5. As a hacker, in order to perform hacking tasks, you need some tokens before hacking. A security service group called SlowMist was able to find the hacker's e-mail address and Monero address, and through that address, they found out which exchanges needed tokens.
- If a hacker has to KYC in one of the Exchanges, soon, with the help of the Exchange, the exact ID can be revealed.
- These stories spread in more detail on Chinese social media. What I know now is what I know through it. Poly Network was developed by the Chinese and SlowMist was also developed by the Chinese. It is not yet known whether the hacker is Chinese.
6. The hacker responds by inserting messages into the blockchain from his address. Not only transactions but also custom messages can be added to blocks.
- In the first message, he said that if I really carry everything, I can carry billions of dollars. Soon the second message said that the tokens will be returned. In the third message, it says that Poly Network cannot be contacted. By doing so, I added that I have gone down in history. He also seems a little startled.
7. Now the tokens have started to be sent back.
- What should be noted from this event is that plain cryptos like Bitcoin are more secure, but DeFi using smart contracts will not be fully secure. So ** do what you have to do, Then it's best to add your token to your wallet**. Because I put it on the Exchange, If you put it in DeFi and get hacked, your tokens will be hacked too.
- Another thing to note is, Due to the Public Transaction nature of Crypto, The fact that everything can be traced back. Even if it's hacked, you can trace where the coils are and what's going on. This is also the case with Ransomware Attacks. As an attacker, it is not very easy to recover money from coils that can be extorted.
- Security is cat and mouse. It is customary for him to run and follow me. Hackers will also be looking for new ways. Better protection from the DeFi side They are trying to take protective measures.
Post a Comment