Poly Network Offers Chief Security Officer Role to Hacker That Stole $600M

While devastating, hacks like Poly Networks can actually strengthen the ecosystem because they expose vulnerabilities, according to Michael Tant, an analyst at Inside and an angel investor.


key takeaways

  • “Mr. White Hat” has returned roughly $400 million of the stolen assets, but Poly Network has offered the hacker a $500,000 bounty if they give back the rest of the stolen funds
  • The crypto market capitalization touched $2 trillion since the massive cyberattack last week

In a strange turn of events, Poly Network has offered the hacker who exploited its protocol to steal $611 million in crypto a job as chief security officer.

Poly Network offered the hacker (or hackers), dubbed “Mr. White Hat”, a role as the protocol’s chief security advisor on Tuesday. “Mr. White Hat” is a common reference for a hacker who receives a bounty or award for exposing a system’s security flaws. 

On August 10, “Mr. White Hat” breached the security of DeFi exchanges like Polygon, Binance Smart Chain and Ethereum and stole $266 million in Ethereum, $253 million in tokens on Binance Smart Chain and $85 million in USDC on Poly Network.

In response, Poly Network urged crypto exchanges to “blacklist tokens” that were connected to the alleged hacker. Poly Network tweeted following the massive cybercrime that the company would “take legal action” and “urge[d] the hackers to return the assets.”  

On August 12, Poly Network offered up $500,000 to the hacker to return all funds. The hacker declined the bounty the same day, but has since returned $400 million of the stolen assets. 

Poly Network offered the hacker the chief security advisor role so that “Mr. White Hat” could continue “contributing to security advancement in the blockchain world,” according to a Medium post. Poly Network also doubled down on their offer of a $500,000 bounty if the hacker returns the remaining stolen funds.  

Following the hack, addresses (later proven to be connected to the hacker) responded publicly via a series of encrypted messages through crypto exchanges. On returning the stolen assets, they responded, “That’s always the plan! I am _not_ very interested in money! I know it hurts when people are attacked, but shouldn’t they learn something from those hacks?” 

While devastating, hacks like Poly Networks can actually strengthen the ecosystem because they expose vulnerabilities, according to Michael Tant, an analyst at Inside and an angel investor. “Now that the hack has happened and funds are being sent back, we can catch it [next time]. It’s one less way the protocol can theoretically be hacked,” he told Blockworks.

Despite the tumultuous journey for Poly Network, crypto markets have not been significantly impacted by the security breach. Ethereum is up 0.20% over the past seven days. Bitcoin has dipped less than 1% over the past week as of press time. Similarly, the crypto market capitalization has since touched $2 trillion the following Monday.

“You almost would rather have those vulnerabilities exposed earlier when it’s $600 million instead of 10 years when it’s $600 billion,” Tant said. “It’s not to say that hacks are bullish, but it is to say that DeFi is still very early. People are still writing new code. It’s probably good to get the bad code out of the way now so that people can keep building.”

Want more investor-focused content on digital assets? Join us September 13th and 14th for the Digital Asset Summit (DAS) in NYC. Use code ARTICLE for $75 off your ticket. Buy it now.


Upcoming Events

Salt Lake City, UT

MON - TUES, OCT. 7 - 8, 2024

Blockworks and Bankless in collaboration with buidlbox are excited to announce the second installment of the Permissionless Hackathon – taking place October 7-8 in Salt Lake City, Utah. We’ve partnered with buidlbox to bring together the brightest minds in crypto for […]

Salt Lake City, UT

WED - FRI, OCTOBER 9 - 11, 2024

Pack your bags, anon — we’re heading west! Join us in the beautiful Salt Lake City for the third installment of Permissionless. Come for the alpha, stay for the fresh air. Permissionless III promises unforgettable panels, killer networking opportunities, and mountains […]

recent research

Research Report Templates.png


ZKPs enable efficient offchain transaction processing and validation, resulting in increased throughput and reduced fees. Solana's ZK Compression leverages ZKPs to minimize onchain storage costs, while Sui's zkLogin streamlines user onboarding by replacing complex key management with familiar OAuth credentials.


The crypto asset manager lowered its planned fee from 0.25% to 0.15%, undercutting its competitors


Plus, a look at planned ETH ETF fees and how they differ from their BTC counterparts


North Korea suspected in breach of Indian exchange’s multisig wallet


Plus, Sanctum’s CLOUD token has officially launched — but not without problems


It’s not yet clear whether Donald Trump is pumping bitcoin. But an unofficial memecoin is still seeing benefit.