Security News

The mysterious miscreant who exploited a software vulnerability in Poly Network to drain $600m in crypto-assets, claims the Chinese blockchain company offered them $500,000 as a reward for discovering the weakness. "We appreciate you sharing your experience and believe your action constitutes white hat behaviour ... Since, we believe your action is white hat behaviour, we plan to offer you a $500,000 bug bounty after you complete the refund fully," the thief wrote in their transaction metadata, seemingly quoting or paraphrasing a message received from Poly Network.

A firm specializing in transferring cryptocurrency said Thursday that a hacker they are calling "Mr White Hat" was giving back all $613 million in digital loot from a record haul. The hacker said the heist was pulled "For fun" to expose a flaw that could have cost Poly Network dearly and undermined faith in cryptocurrencies.

Cryptocurrency investors have been transfixed over the past few days by the antics of a mysterious hacker who stole more than $600 million - before giving some of it back. The hacker struck Poly Network, a company that handles cryptocurrency transfers, on Tuesday in one of the biggest thefts of digital monies in history.

Whoever drained $600m in cryptocurrencies from Poly Network is said to have returned at least $260m so far. Poly Network said the crook was able to interfere with the execution of smart contracts - typically, small programs that automatically run to fulfill agreements between parties - that are used by the platform to exchange people's tokens and coins.

A firm specializing in transferring cryptocurrency said that hackers have given back $260 million worth of digital loot from a record haul. Poly Network fired off a tweet Wednesday saying hackers had returned $260 million worth of the digital assets taken in a heist a day earlier valued at $613 million.

Attackers reportedly stole $600 million from the cryptocurrency platform Poly Network, in what experts say is one of the largest crypto heists to date. Poly Network, a decentralized finance platform based in China, publicly acknowledged that an attacker "Exploited a vulnerability" that allowed them to assign themselves the ownership of money processed through the platform.

The time has come for me to find a new home for my cryptography library. It's about 150 linear feet of books, conference proceedings, journals, and monographs - mostly from the 1980s, 1990s, and 2000s.

Cisco Talos researchers note in a new analysis that "Unauthorized software on end systems is never a good sign. Today it's a crypto miner, tomorrow it could be the initial payload in an eventual ransomware attack." Crypto mining has increased from 3% of all mining alerts in January 2020 to 6% in March 2021, according to analysis from Talos.

Researchers at mobile security firm Lookout have identified more than 170 Android apps that target and scam users interested in cryptocurrencies. These apps cannot even be classified as 'malware' since they do nothing typified as malicious and don't contain a payload. This is the height of their sophistication.

ISARA launched ISARA Advance Crypto Agility Suite, an enterprise solution that allows organizations to discover their cryptographic blind spots and equip them to take action against the looming threat of encryption-breaking quantum computers. Revealing what lurks within organizations' information security infrastructures forms the foundation of cryptographic agility and risk management.