Hacker Steals $2 Million Using Polygon Bug


Hacker takes advantage of Polygon blockchain flaw

In a post on its blog, Polygon disclosed details of a recent update to its network and revealed that a hacker took advantage of a flaw in its protocol to steal 801,601 MATIC tokens.

On December 3, a group of ethical hackers (also called "white hats") reported the existence of a vulnerability in the PoS Genesis Polygon contract to Immunefi, a platform that offers a bounty system for finding bugs.

The core Polygon team therefore worked closely with them in order to quickly introduce a fix.

This is why an update was carried out on December 5, at block number 22,156,660, with the objective of ending the vulnerability of the MRC20 contract (function used for gasless transactions on the network).

The initiative had no impact on the protocol or on network users. However, despite the warning from these "white hats" and a rapid intervention to correct this flaw, a hacker took advantage of this vulnerability.

The hacker stole 801,601 MATIC tokens just before the hard fork, worth almost $2 million at the current price.

The team announced that it would bear the cost of the stolen tokens in addition to the $3.46 million bounty paid to ethical hackers for informing the Polygon team of this flaw.

"All projects that have some success find themselves in this situation sooner or later. Importantly, it tested the resilience of our network as well as our ability to act decisively under pressure. Considering the importance of the issue, I believe our team made the best possible decisions under the circumstances," said Polygon co-founder Jaynti Kanani.

This kind of attack is not a first in this sector

Despite audits or verifications on the code, vulnerabilities can persist and this unfortunately benefits hackers.

Nor is this the first time that a hacker has taken advantage of a vulnerability within a protocol, especially in decentralized finance (DeFi). Recently, the Bitcoin (BTC)-focused DeFi protocol BadgerDAO suffered a large-scale attack from a hacker: nearly $120 million was stolen by means of a flaw in the user interface.

Nevertheless, some hackers act benevolently by warning the company of a vulnerability in return for a reward that often comes down to a percentage of the amount stolen.

This happened in particular to the decentralized exchange THORchain, which had suffered a loss of $8 million in cryptocurrency.


About the Author: Anthony Bassetto

It was in 2017 that I discovered cryptocurrencies and blockchain technology. Also, I would like to share with you the news of this sector, which is in full swing, so that you can be up to date with the latest news.