The mysterious white-hat hacker who stole $600MM during a record-breaking hack of a DeFi ("decentralized finance") crypto network before turning around and voluntarily offering to return the coins has already returned more than half of the $300MM in stolen coins as of Thursday morning, the Poly Network confirmed in a tweet.
As of 0818GMT (0418ET), the hackers had returned $342MM (while cheekily asking their erstwhile victims for "donations").
In response, the Poly Network published a tweet claiming that recovering the rest of the coins remains its "primary goal."
The hacker has also published a Q&A embedded in a series of ethereum transactions (the same medium they used when they first declared their intentions to return the money) offering an explanation for why they decided to take the coins, and then return them. According to the statement, the hacker said they felt they could "trust no one" after identifying the security flaw, so they decided to draw attention to the flaw by exploiting it themselves.
In Part II, the hacker explained the technical steps they took after identifying the flaw, and also revealed that they were angered by the Poly team's response.
Part 2: pic.twitter.com/jOR4WfdVLm— Tom Robinson (@tomrobin) August 11, 2021
During Part III, the hacker claimed that returning the money was "always the plan", rebutting claims from some blockchain analysts, who claimed that laundering the stolen funds would simply be too difficult, leaving the hacker with few options.
Part 3: pic.twitter.com/JqZlB3Lc47— Tom Robinson (@tomrobin) August 11, 2021
Finally, in Part IV, the hacker waxed poetic about the art of hacking, and said that finding the flaw in the architecture of the Poly Network was one of "the best moments in my life."
Q&A part 4 (!) pic.twitter.com/sCNyV0zqYq— Tom Robinson (@tomrobin) August 11, 2021
The hacker first reached out yesterday with an ethereum-embedded message announcing they were ready to return the funds.
The Poly Network replied in similar form, sending over three addresses for the hacker to return coins.
The hacker also returned more than $2.5MM worth of Shiba Inu coins, which were also stolen (though they were returned separately). The hack initially targeted Ethereum, Binance Chain, and the Polygon network.
Yesterday, one crypto security expert, Dr. Tom Robinson, co-founder and chief scientist at Elliptic, told Zero Hedge that the hack "demonstrates that even if you can steal crypto assets, laundering them and cashing out is extremely difficult, due to the transparency of the blockchain and the use of blockchain analytics. In this case, the hacker concluded that the safest option was just to return the stolen funds."
While the hacker's identity likely won't ever be ascertained, the fact that the money is being returned comes as a tremendous relief to the thousands of investors who were ultimately left holding the bag. Next time, they might not be so lucky.