Crypto Hacker PolyNetwork Released ‘Worthless’ Billions Of SHIB, BNB & BUSD
Due to low liquidity and robust security measures, the estimated $4 billion worth of malicious token issuances on PolyNetwork will be of little financial gain for the attackers.
On Sunday morning, attackers unleashed billions of tokens after exploiting an intelligent contract function in PolyNetwork’s cross-chain protocol bridge tool.
The bridge tool facilitates token swaps between blockchains by locking value on one network and transferring it to another through a smart contract.
The attackers manipulated the bridge’s functionality, deceiving it into issuing non-existent tokens on one network.
The attackers used the Metis blockchain to mint 24 billion Binance USD (BUSD) and BNB tokens. In contrast, on the Heco blockchain, they created a staggering 999 trillion Shiba Inu (SHIB) tokens. Additionally, they generated millions of other tickets on networks like Avalanche and Polygon. As a result, the attackers’ wallet initially held tickets valued at over $42 billion.
However, a significant lack of liquidity thwarted their attempts to monetize this vast token stash. Developers of Metis confirmed the absence of “sell liquidity” for BNB and BUSD, and the METIS tokens issued unlawfully were locked on the PolyNetwork bridge under the supervision of developers.
In contrast, the attacker located liquidity for the rest of the unlawfully minted tokens, leading to successful exchanges. According to analytics firm Lookonchain, they swapped 94 billion SHIB tokens for 360 ether (ETH), 495 million COOK tokens for 16 ether, and 15 million RFuel tokens for 27 ether.
Lookonchain further observed that the hackers were transferring assets and 1 ETH to new wallets, indicating a probable intention to sell these tokens.
PolyNetwork experienced its second attack on Sunday, marking yet another instance where the platform fell victim to malicious actors. Earlier in August 2021, the protocol suffered a staggering $600 million exploit, considered a groundbreaking hack. The breach occurred due to the alleged exposure of a private key for signing a cross-chain message. This incident underscores the significance of bridges in the cryptocurrency ecosystem while highlighting their vulnerability. Bridges play a crucial role in facilitating the movement of tokens worth billions of dollars across different networks. However, they have consistently remained the primary focus for attacks and hacking attempts throughout the industry’s history.
