Key takeaways:
- Attackers generated billions of different coins after taking advantage of a smart contract feature in the bridge tool of the cross-chain protocol PolyNetwork.
- Developers for Metis stated that there was no “sell liquidity available” for the BNB and BUSD.
Users were advised of the temporary suspension of the DeFi platform, PolyNetwork, due to the current attack. The initiative interacts with pertinent stakeholders to ascertain the amount of impacted assets.
After taking advantage of a smart contract feature in the bridge tool of the cross-chain protocol PolyNetwork on Sunday morning, attackers created billions of various tokens. By locking value on one network and releasing it on another, bridges allow users to transfer tokens between multiple blockchains via smart contracts.
Attackers on the PolyNetwork were probably able to modify the bridge’s operation so that it would issue tokens for a network that wasn’t actually there.
The researchers discovered three addresses, including USD Coin (USDC), Wrapped Bitcoin (WBTC), Wrapped Ether (WETH), and Shiba Inu (SHIB), that collectively contained $600 million in various cryptocurrencies.
One of the biggest hacks in DeFi history is allegedly the one that occurred. Early this morning, Poly Network told players in the cryptocurrency market that security experts were looking into the most recent attack on the platform.
Attackers created 999 trillion shiba inu (SHIB), 24 billion binance USD (BUSD), and bnb (BNB) on the Metis blockchain, as well as millions of other coins on different networks, including Avalanche and Polygon. This means that shortly after the hack, the attackers’ wallet had tokens valued at nearly $42 billion (on paper).
But the attackers were unable to profit from the enormous token stockpile due to an appalling lack of liquidity. Developers for Metis stated that there was no “sell liquidity available” for the BNB and BUSD, and they had locked the METIS tokens that had been fraudulently issued on the PolyNetwork bridge.
However, the hacker was able to exchange 94 billion SHIB tokens for 360 ether (ETH), 495 million COOK for 16 ether, and 15 million RFuel for 27 ether after finding liquidity for other illegally created tokens, according to analytics firm Lookonchain.
Changpeng Zhao (CZ), CEO of Binance, spoke out in favor of users and clarified that the exchange does not accept deposits from PolyNetwork and that users’ cash are secure. The security staff for the exchange is helping PolyNetwork stop the attack.
The exchange’s users are unaffected, according to Binance, even though an investigation is now being conducted to identify the affected users and blockchains. Deposits from the Poly Network are not accepted by the exchange platform.
The assault on Sunday was the second time that attackers had chosen to target PolyNetwork. Following the suspected theft of a private key used to sign a cross-chain message, the protocol was hacked for $600 million in August 2021, a then-record hack. Bridges are crucial for facilitating the transfer of tokens valued at billions of dollars between different networks, but they are also susceptible because they have historically been the top target for assaults and hacks in the crypto sector.
