BlockNews.com
  • Crypto
  • NFT
  • Metaverse
  • DeFi
  • Business
  • Technology
  • Opinion
  • Guides
No Result
View All Result
FOLLOW
BlockNews.com
  • Crypto
  • NFT
  • Metaverse
  • DeFi
  • Business
  • Technology
  • Opinion
  • Guides
No Result
View All Result
BlockNews.com
No Result
View All Result

Unveiling Vulnerabilities in Cross-Chain Bridges: Lessons from the Poly Network Exploit

BlockNews Team by BlockNews Team
July 4, 2023
in Crypto, Finance, Guides
Blockchain
Share on TwitterShare on Reddit

Poly Network, a leading cross-chain bridge platform, recently fell victim to another exploit, exposing vulnerabilities within the protocol. 

The attack allowed hackers to issue billions of fraudulent tokens, leading to a temporary suspension of services. However, limited liquidity and security measures hindered the hackers’ attempts to profit from their ill-gotten gains.

Dear users, we would like to inform you that Poly Network is temporarily suspending its services due to a recent attack. We are actively engaging with relevant parties and diligently assessing the extent of the affected assets. 【1/3】

— Poly Network (@PolyNetwork2) July 2, 2023
Via @PolyNetwork2 – Twitter

Details of the Exploit

The attack on Poly Network exploited compromised private keys, as confirmed by blockchain security firm Dedaub. 

Getting to the bottom of the "34 billion" Poly network hack with a technical postmortem.

TL ; DR

Poly network had a simple 3 of 4 multisig arrangement over 2 years!

Looking at the final event we found that the private keys to the addresses marked were compromised. pic.twitter.com/Y0eMJXcYso

— Dedaub (@dedaub) July 2, 2023
Via @dedaub – Twitter

By manipulating a smart contract function, the hackers generated tokens across multiple blockchains, affecting 57 crypto assets on ten blockchains. Although the amount stolen remains undisclosed, the transfer of at least $5 million worth of crypto occurred.

#PeckShieldAlert @PolyNetwork2 exploiter has transferred more than $5M worth of cryptos out on #Ethereum, #BNBChain, and #Polygon, especially 1.5K $ETH ($2.88M) to 0x23f4…c671, 440 $ETH ($844K) to 0xc8Ab…C42F, and 300 $ETH (~$575K) to 0xfD3E…b778https://t.co/EbYdTo3xIg… pic.twitter.com/I5Lg9UJ0eU

— PeckShieldAlert (@PeckShieldAlert) July 2, 2023
Via @PeckShieldAlert – Twitter

The hacker evaded verification by manipulating a parameter, allowing the issuance of tokens from Poly Network’s Ethereum pool to their own address on different chains. The hacker accumulated a massive token stash, reaching an extraordinary value of around $42 billion. However, the hacker could only convert and steal a fraction of the total value due to limited liquidity in many tokens.

The hacker faced significant challenges monetizing their stolen tokens due to low liquidity, particularly in assets like BNB and BUSD on the Metis blockchain. Additionally, the developers locked the illicitly-issued METIS tokens on the Poly Network bridge, rendering them inaccessible. 

We are aware of Polybridge’s ongoing situation, and are currently in contact with the PolyNetwork team to minimize the impact of the attack and further asses the situation.

In regards to the newly minted BNB and BUSD on Metis, there is no sell liquidity available.

All funds on…

— Metis 🌿 (@MetisDAO) July 2, 2023
Via @MetisDAO – Twitter

While the hacker converted some tokens into ether (ETH), the overall financial impact remained limited.

Poly Network’s Response and Lessons Learned

Poly Network’s response to the exploit drew criticism for its delayed seven-hour reaction time, resulting in an estimated loss of $5.5 million in stolen crypto. However, the lack of liquidity in many tokens played a role in mitigating further losses. 

This incident underscores the importance of timely responses and continuous enhancements to protocol security. It serves as a valuable lesson for Poly Network and the wider crypto industry to improve response procedures, strengthen security measures, and prioritize liquidity management to mitigate the impact of future exploits.

Broader Implications for the Crypto Industry

The Poly Network exploit exposes vulnerabilities present in cross-chain bridge protocols. These bridges’ centralized nature and dependence on keepers controlled by the development team raise concerns regarding fund security. 

The incident also highlights the need for effective monitoring solutions, such as Dedaub Watchdog, to minimize response time and protect against potential breaches. 

The Poly Network exploit is a cautionary tale, exposing vulnerabilities within cross-chain bridge protocols. Although the hackers managed to issue billions of tokens, their profit-making ability was limited due to low liquidity and security measures. 

Tags: BlockchainCross-Chain BridgesWeb3
TweetShareShare

DON'T MISS THESE! HOT OFF THE PRESS

bitcoin(s)
Crypto

US Lawmakers Call On SEC Chair To Approve Spot Bitcoin ETFs ‘Immediately’

September 30, 2023
Ripple Logo on Phone
Business

Ripple Retracts Fortress Trust Acquisition, Keeps Future Collaborations Open

September 30, 2023
Eth logo
Crypto

Ethereum Futures ETFs Could Start Trading Next Week — Bloomberg Analyst

September 30, 2023
Paysafe logo on Billboard
Business

Binance Loses Key European Banking Partner Paysafe, Urges Shift to USDT

September 30, 2023
Around the Block
Crypto

Around The Block: Sept 29 Week in News

September 30, 2023
Bitcoin-Coin
Business

Bitcoin Insurance Company AnchorWatch Secures $3 Million to Bring Multisig Mainstream

September 29, 2023
Load More
Next Post
Delio

Delio Grapples with Regulatory Challenges Amidst Fraud Allegations

Thailand SEC

Thailand SEC Implements New Regulations for Digital Asset Services

UK-Flag-Bitcoin

UK Government Enacts Strict Digital Asset Regulations: House of Lords to Confiscate Cryptocurrency Holdings Due to CybercrimeUK Government Enacts Strict Digital Asset Regulations: 

Related News

The Daily Dip – The Latest News Revolving Around Cryptocurrency, Technology, and Macro Markets

The Daily Dip – The Latest News Revolving Around Cryptocurrency, Technology, and Macro Markets

November 10, 2022
crypto portfolio

How to Build a Crypto Portfolio without Spending any Money or Time Trading

February 27, 2023
twitter logo on building

Twitter Launches Twitter Coins, Now Available through Stripe

February 25, 2023

Browse by Category

  • Breaking News
  • Business
  • Crypto
  • DeFi
  • Featured
  • Finance
  • Gaming
  • Guides
  • Investing
  • Media
  • Metaverse
  • NFT
  • Opinion
  • Politics
  • Social
  • Technology
  • Uncategorized
Discord Twitter Instagram TikTok
BlockNews.com

BlockNews.com brings you the most important Crypto and NFT news in the space.

CATEGORIES

  • Breaking News
  • Business
  • Crypto
  • DeFi
  • Featured
  • Finance
  • Gaming
  • Guides
  • Investing
  • Media
  • Metaverse
  • NFT
  • Opinion
  • Politics
  • Social
  • Technology
  • Uncategorized

RECENT POSTS

  • US Lawmakers Call On SEC Chair To Approve Spot Bitcoin ETFs ‘Immediately’ September 30, 2023
  • Uniswap Seeks Funding Approval to Bolster Development and Research Initiatives September 30, 2023
  • Ripple Retracts Fortress Trust Acquisition, Keeps Future Collaborations Open September 30, 2023

© 2022-2023 BlockNews.com - Crypto and NFT news website by JRNY Club.

No Result
View All Result
  • Home
  • Crypto
  • NFT
  • Metaverse
  • DeFi
  • Business
  • Technology
  • Opinion
  • Guides

© 2022-2023 BlockNews.com - Crypto and NFT news website by JRNY Club.

Are you sure want to unlock this post?
Unlock left : 0
Are you sure want to cancel subscription?