Hackers launched a malicious attack on the Poloniex hot wallet, draining assets worth $126 million. The hacking incident was first flagged by PeckShield at 10:55 UTC on November 10 after hackers transferred a measurable amount of funds to external wallets.
The PeckShield team observed suspicious transfers from the ‘Poloniex 4 wallet’ to multiple addresses. The transfers included Ether (ETH), USDT, and meme coins. A few minutes after the incident, the Poloniex team took a pragmatic approach to address the attack.
Hackers Exploit Poloniex’s Hot Wallet
Firstly, the crypto exchange temporarily disabled the Poloniex wallet to combat the hack. Shortly after the hack was discovered, Justin Sun, the owner of the Poloniex exchange, updated the X community on the incident.
The 33-year-old crypto entrepreneur stated that the Poloniex team will focus on a thorough investigation of the hacking incident. After gathering substantial evidence concerning the attack, Sun plans to engage other crypto exchanges in the recovery.
Before then, Poloniex’s key investors announced compensation plans the exchange would adopt if the hackers agreed to return the funds. Sun confirmed that the hackers will receive a 5% white hat bounty after returning the stolen funds.
He stated that the hackers have been given one week to respond to the Poloniex request. However, if the hackers fail to abide by the Poloniex deal, the crypto exchange will report the matter to law enforcement for potential legal action against the cyber criminals.
Sun’s update prompted blockchain analytics firms to assess the cause and the damages of the attack. A report from Arkham Intelligence demonstrates that the hacker had targeted several wallets.
Justin Sun Promised to Offer 5% White Hat Bounty to Hackers
The Arkham team noted that the attackers sent $114 million from the Poloniex Ethereum wallet. Subsequently, another wallet on the Tron network sent approximately $42 million to several wallets.
They also observed that around 865 Bitcoin (BTC) was sent to the hackers’ external wallets. A close examination of the November 10 hack incident demonstrated that the hackers devised unique approaches to conceal their activities.
The investigating team noted that the attackers moved the funds to another wallet immediately after they were transferred out of the Poloniex wallets. The multiple transactions were aimed at easing the conversion of the stolen funds to USDC through MetaMask.
At the conversion phase, the Poloniex team noted that the highest amount the hackers transferred was $2.5 million worth of Golem tokens (GLM). However, due to the nature of the attack, the Poloniex team initiated the recovery process, which tends to be complex.
In the report, the disgraced crypto exchange regretted that it seemed impossible to recover the whole amount. Commenting on this, the Singaporean blockchain analytics firm Nansen stated that only 175 tokens amounting to $10,000 were left untouched on the Poloniex wallet.
The Nansen team noted that the unknown group had purchased approximately $20 million worth of Tron (TRX) before the devastating hacking incident.
Poloniex Takes Preventive Measures to Address the Hack Incident
Even though the Poloniex team has not revealed the source of the exploit, a security research company, Officer’s Notes, suspected that the attack emanated from a compromised private key or malware.
When contacted about the nature of the attack, Sun was pleased to announce that the recovery process had proven fruitful after the Poloniex team froze a measurable amount of assets linked to the attack.
The crypto investor confessed that the losses from the attack were within limits and the revenue generated from the Poloniex operation could cover the financial losses. The Grenadian investor admitted that Poloniex maintains a stable financial position, which will play a critical role in compensating the affected clients.
A review of past hacking incidents demonstrates that hackers target crypto exchanges by launching malicious attacks that disrupt the normal functioning of the system or network. In late September, HTX (formerly Huobi) was hit by a major hacking incident that resulted in the loss of Ether (ETH) assets worth $8 million.