According to Arkham statistics, adding the initial $60 million in Ethereum tokens, plus the amount of funds extracted on other token blockchains such as TRON, Bitcoin and Polygon, the losses caused by the Poloniex hack on Ethereum exceed $125 million.
Poloniex hacked, initial losses estimated at $60 million
At 7 pm yesterday evening, the security agency Paidun published a statement saying that it had noticed that Poloniex-related addresses had been continuously transferring large amounts of assets, and that they were suspected of being stolen.
Since then, multiple security agencies and on-chain monitoring platforms have continued to issue security warnings about Poloniex-related addresses, until Justin Sun and Poloniex officially issued an announcement, finally confirming the theft.
According to statistics, the total stolen assets of Poloniex are approximately US$114 million. Tron also promptly froze some of the hacker’s on-chain assets, but the effect was not significant. Sun Yuchen also issued a message, advising the hacker to "refund" as soon as possible, and was willing to give 5% of the assets as a white hat reward, but the hacker did not make any response.
Will the stolen assets of $114 million be dumped into the market to crash it, accelerating the end of the bull market?
1. Attack Review: A total of $114 million, $49 million from the TRON network
On-chain data shows that the hacker (0x 0 A 5984 f 86200415894821 bFEFc 1 c 1 De 036 DbF 9 e 7) began to transfer assets at 18: 30 (UTC+8) today, with the first transfer of 4,900 ETH; the last transfer was as of 19: 39 (UTC+8), which was LON worth US$3,910.
The stolen assets exceeded 280 tokens, including USDT worth $32.7 million, BTC worth $16.5 million, ETH worth $12.7 million, ELON worth $4.15 million, and even USH worth only $699 and PAW worth $760 were not spared by the hacker. The main transferred assets from Poloniex address 0xA910 to hacker address 0x0A59 are as follows:
Arkham data shows that Poloniex's remaining assets are approximately US$159 million, including 35.65 million USDT, 912 BTC (worth US$33.78 million), and 5,360 ETH (worth US$11.23 million).
Affected by this, currencies with large amounts of stolen money fell to varying degrees, with ELON falling more than 30% in two hours (the stolen amount accounted for 5% of the market value). Other currencies such as OX and GLM also fell to a certain extent.
23pds, Chief Security Officer of SlowMist, said: "Based on the rapid and professional methods of Polonniex, we guess it should be a typical APT." (Odaily Note: APT, Advanced Persistent Threat, Chinese name Advanced Persistent Threat, attacks and threats may exist in the user environment for more than a year or longer, and they continue to collect various information until they collect important intelligence.)
According to The Block, as of 20:00, the estimated losses caused by the Poloniex hacker attack rose to US$114 million, of which US$49 million came from the TRON network.
2. Justin Sun gives hackers 7 days to refund money
After the attack, Poloniex Customer Support posted that the exchange wallet had been disabled for maintenance and would update the message once the wallet was re-enabled. Interestingly, just a few minutes after the official announcement, the remaining 65 ETH in the Poloniex exchange wallet was again transferred away by hackers. As shown below:
Later, Poloniex owner Justin Sun issued a statement saying that he would compensate the affected users. "The Poloniex hack is currently under investigation. Poloniex remains in a healthy financial position and will repay the affected funds in full. In addition, we are exploring opportunities to cooperate with other exchanges to facilitate the recovery of these funds." (Odaily Note: In June 2022, Justin Sun announced that he would jointly acquire Poloniex with the BoF and several capital institutions, and at the same time use "Tron Exchange" as its Chinese community brand.)
In addition, Sun Yuchen also advised the hacker to return the funds as soon as possible and was willing to offer 5% as a white hat bounty. "We are willing to offer a 5% white hat bounty to the Poloniex hacker. Please return the funds to the following ETH/TRX/BTC wallets. We will give you 7 days to consider this proposal before we request the intervention of law enforcement agencies." Sun Yuchen also left the relevant address, as shown below:
ETH address: 0x176F3DAb24a159341c0509bB36B833E7fdd0a132
TRX Address: TUgSgCQL6pMSy9zByn4sgxqrJa95sZExBG
BTC address: 14XKsv8tT6tt8P8mfDQZgNF8wtN5erNu5D
Odaily Planet Daily found that the hacker has not yet responded to Justin Sun’s request, and the above address has not received any "refund" from the hacker's account.
3. Hacker show operation: buy TRX and destroy GLM
After stealing hundreds of millions of dollars, the hacker launched a wave of operations that shocked the onlookers.
First, a total of approximately 10.51 million GLM tokens (approximately US$2.56 million) were transferred to the token contract, which was basically equivalent to destruction - the price of GLM rose by 2%, but soon recovered the gains.
The second is to exchange some assets for TRX. According to Scopescan monitoring, Poloniex hackers used USDC on the Ethereum network and USDT on the Tron network to purchase a total of 206 million TRX, worth approximately US$22.8 million, which also caused TRX to rise by more than 11% within 1 hour.
Sun Yuchen also took corresponding measures at the first time to freeze the hacker's TRX on-chain assets. According to statistics, the hacker's TRON address TKK6d1YALy8HCSoCSWWd1ZJhyC9NPPx4wa has been frozen by TRON. However, it was still a step too late. The actual frozen assets were only $6.54 million, mainly $1.6 million in TUSD and $1.35 million in ETH.
Before being frozen, the hacker's address had transferred large assets such as $21.73 million in USDT, $14.05 million in BTC, $3.65 million in USDD, and $1.78 million in USDC to other addresses, totaling more than $42.83 million.
Among them, $21.73 million of USDT was transferred to the new address and then converted into TRX through SUN.io, and finally sent to TXs 71 PNcHmxgptA 3 w Q4 g 398 qbToMPhnEoG; $14.05 million of BTC is being converted into TRX through SUN.io, and these funds are currently retained in TMKCrop 4 pJDSeJVEuZ 9 Wsi 7 Lc 1 nSTLk 8 BQ; USDD and USDC also performed similar operations, and were converted into TRX and transferred to TEzx 5 kPky 2 KE 99 T 2 qG 9 TeEGoYLrBpXREwA and TSVGsgEU 3 3D YrnozE V1 iaCvT 9 uJ 6 wNUfDH respectively.
In addition, the OPNX platform founded by SuZhu also stated that it has frozen all OX tokens (OPNX platform coins) in the Poloniex hacker address, worth about $2.69 million, and all 197,756,563 OX owned by the hacker can no longer be transferred or sold. $BTC $ETH
