PYMNTS Crypto Crime Series: The $612 Million Heist That Wasn’t

What kind of thief gives back $612 million a few days later, saying it was all a prank aimed at showing how poor his victim’s security system is?

A crypto criminal.

What kind of con man hijacks a presidential candidate’s Twitter account, telling Joe Biden’s followers that he’s “giving back to the community” and that “all Bitcoin sent to the address below will be sent back doubled” for a half hour?

Also a crypto criminal.

What kind of kidnapper takes a hospital’s computer system hostage, allowing a woman to die because the doctors are hamstrung when her ambulance arrives before the ransom is paid and must be turned away?

You know the answer.

Welcome to the first article in PYMNTS’ new series on crypto crime. In it, we’ll be taking a look at the crimes that have not only been committed in the cryptocurrency industry but have defined it — especially bitcoin — in many people’s minds.

In it, we’ll give you a look at the realities and the myths, the methods and tools, and the ways authorities and private security firms are starting to break through the mythical anonymity that many criminals — and honest people — believe shields their transactions absolutely.

Along the way we’ll tell you some great stories as illustrations. Some will be funny, some will be whimsical, some will be sad and a few will be horrifying. A whole lot of them will be hard to believe. But they’ll all be true — or at least what Watergate journalist Bob Woodward called “the best obtainable version of the truth.”

We’ll begin with a little perception and some whimsical weirdness.

Silk Road Assumptions

The perception of bitcoin as a tool of criminals has its roots in dark web markets like Silk Road, where guns, drugs and contract killings were touted openly and paid for in bitcoin.

The details, in that case at least, are true. Ross Ulbricht was 27 when he started Silk Road in 2011, using Tor’s encrypted browsing network and bitcoin for anonymity. For two years he made a fortune before the FBI tracked him down by tracing old forum usernames back until they found a post in which he asked for programming help and gave an email address. A former Eagle Scout, Ulbricht is serving two life sentences plus 40 years.

We’ll get into the FreeRossDAO DeFi market selling his artwork in the crypto community to fund a pardon campaign another time.

But particularly before bitcoin went mainstream, and decentralized finance, or DeFi, and NFTs exploded in 2021, this is how many people viewed crypto.

Asked about cryptocurrencies in her January 2021 Senate confirmation hearing, now Treasury Secretary Janet Yellen said they “are a particular concern. I think many are used — at least in a transaction sense — mainly for illicit financing. And I think we really need to examine ways in which we can curtail their use and make sure that money laundering doesn’t occur through those channels.”

While she walked that back a bit a few days later, the reality is more complex. In its 2022 Crypto Crime Report, Chainalysis — a leading blockchain intelligence company that has trained FBI, DEA, and IRS Enforcement agents for the government — estimated that 0.62% of all crypto transactions in 2021 were crime-related in some fashion.

Still, that amounted to $14 billion, nearly double 2020’s ill-gotten crypto gains.

Oh, please give it back

This is one of the crypto crime stories that didn’t add to that total: the Poly Network hack, in which an attacker stole $612 million worth of crypto — for 13 days.

Word of the richest-ever hack broke at 8:38 a.m. on Aug. 10, 2021, when the DeFi platform tweeted out “Important Notice: We are sorry to announce that #PolyNetwork was attacked.”

Focused on making it easier to swap cryptocurrencies from one blockchain to another without the buying and selling fees an exchange would charge, Poly Network had a “vulnerability” in its code that allowed the hacker to swap everything into his own digital wallet.

A few hours later, the Poly Network team tweeted out an appeal, saying “we want to establish communication and urge you to return the hacked assets.”

Pointing out that the size of the crime would attract law enforcement attention, the developers also reminded him that the “money you stole are from tens of thousands of crypto community members.”

It added, “You should talk to us to work out a solution.”

If that sounds like a Hail Mary, well, there’s a reason for that. However, Hail Marys do occasionally end in game-changing touchdowns.

At 9:48 a.m. on August 11, the hacker got in touch, saying “READY TO RETURN THE FUND!”

After a bit of crowing about being a “LEGEND,” the hacker said he’d done it “for fun” and to teach the developers a lesson. He also began returning the stolen crypto, returning $4.7 million in the first wave.

On August 12, Poly Network thanked the hacker it named “Mr. White Hat,” saying “since we believe your action is white hat behavior, we plan to offer you a $500,000 bug bounty after you complete the refund fully.”

It also promised not to prosecute.

Mr. White Hat — whose identity remains unknown — declined the reward, saying he’d “always” intended to return the stolen crypto, adding “I am _not_ very interested in money!”

By Aug. 23, the last of the funds had been returned.

Along the way, Poly Network had offered Mr. White Hat the position of chief security advisor — an offer he suggested he planned to take them up on.

The incident — or at least the public side of it — ended when Mr. White Hat apologized for his “wild or mad behaviors,” saying the hack and return “must be one of the most wild adventures in our lives.”

Poly Network, for its part, said “Thank you!”