The Hack Earlier this month, a hacker executed a massive crypto heist on PolyNetwork--a decentralized finance (DeFi) platform. The hacker was able to steal more than $600 million in crypto from thousands of users on three separate PolyNetwork blockchains (Binance Smart Chain, Ethereum & Polygon) and involving more than a dozen cyptocurrencies. In other words, this hack was * major *. The PolyNetwork protocol operates on multiple blockchains and allows users to send/receive tokens across these different blockchains using various smart contracts (also known as "bridges"). The hacker exploited a vulnerability in one of these smart contracts which maintains significant amounts of crypto to maintain liquidity and this allowed him to overwrite instructions and redirect all crypto funds to himself. From there, the hacker attempted to move the stolen crypto into various liquidity pools. The Blacklist The hacker was successful in moving some of the crypto. But shortly after the
It would appear that the international hacker and cyberattacker association recently convened and decided they wanted to go for broke (or strike it rich) on widespread chaos and discord in the lives of everyday, ordinary, non-wealthy people. What decisionmaking tree leads one to conclude that attacking, oh I don't know, AN OIL PIPELINE is a good idea?? Water supply? Hospitals?! It is disturbing, to say the least, and much of the effort to thwart these attacks is being placed on private industry. I could pen a separate post on reasons why this particular burden shouldn't be borne mostly by private industry, but it suffices to say that it's not too late to switch out the Space Force for the Cyberspace Force. I have several bones to pick with these nefarious actors. My biggest gripe is that they cause pretty significant disruption in the lives of innocent people--and I'm not just talking about the disruption of services. There is a seeping distrust, anxiety and/or paranoi