The hacker who perpetrated the largest ever cryptocurrency theft, supposedly for altruistic purposes, has been offered a $500,000 bounty by Poly Network, the victim of the hack.
After the incident came to light, the hacker began to return the ill-gotten stash. They also attempted to clear the air about their intentions, in the form of a detailed Q&A embedded in the Ethereum transactions sent from the hacker’s account, and shared by Tom Robinson, CEO of blockchain analysis company Elliptic.
The hacker claimed they had always intended to return the funds and took the crypto in order to expose the vulnerability before it could be exploited by others with malicious intent.
- Protect your devices with these best antivirus software
- Here's our choice of the best malware removal software on the market
- These are the best ransomware protection tools
“Since, we believe your action is white hat behavior, we plan to offer you a $500,000 bug bounty after you complete the refund fully,” the hacker quoted Poly Network as saying.
The hacker has now returned pretty much all of the stolen assets, with the exception of roughly $33 million in USDT that has been blacklisted by Tether.
Bug Bounty
Last week, Poly Network revealed that a hacker exploited a “vulnerability between contract calls” in its protocol to make away with over $600 million in various cryptocurrencies.
But within thirty hours of the heist, the apparent white hat hacker started to refund the loot, albeit slowly because of the steps they have had to undertake to hide their identity.
While announcing their reward for the hacker, now referred to as Mr. White Hat, Poly Network assured that it doesn’t intend to hold the hacker accountable for the incident. From the hacker’s response, though, it appears they aren’t interested in claiming the offer.
On the heels of the reward offer, Poly Network has also launched an official bug bounty program on Immunefi, a platform for reporting bugs designed specifically for the decentralized finance (DeFi) space.
Poly Network has assured that it will begin the process of returning the stolen cryptocurrencies and tokens to their rightful owners, once all the loot has been recovered.
“Once all the assets have been recovered, PolyNetwork will make every effort to return full asset control to users as soon as possible and will resume cross-chain services and transaction pairs after the smart contract upgrade is complete,” said the network on Twitter.
- These are the best endpoint protection tools
