Market

Here’s the story: Polygon released its $ 1.6 million exploit 25 days ago

The core development team behind Polygon has revealed that a fatal flaw in their contract gave the hacker an opportunity to withdraw $ 1.6 million.

Critical vulnerability in polygon patches

Polygon, a proof-of-stake sidechain on Ethereum, reported that a critical bug in the network was fixed by a hard fork on December 5th. In front of the hard fork, an unknown hacker stole 1.6 million US dollars in MATIC, as the team revealed in a blog post on Thursday, 25 days after the event.

In the first week of December, Leon Spacewalker and Whitehat2, two ethical hackers associated with the immunefi bug bounty platform, informed Polygon of a security breach. The bug was found in the transfer function of the MRC20 contract, which is used for gasless transactions in the network.

After the bug was reported, Polygon patched it using a hidden hard fork that worked in conjunction with all of the validators and node operators. Although the vulnerability was fixed within a few days, it couldn’t stop an anonymous black hat hacker from stealing $ 1.6 million worth of 801,601 MATIC at the time. During their in-depth investigation, the research team reported:

“Despite our best efforts, a malicious hacker was able to exploit the vulnerability to steal 801.601 MATIC before the network upgrade took effect.”

The situation could get much worse if the vulnerability is not identified and patched in a timely manner. Immunefi, the company that helped Polygon deliver the fix, stated in another blog post that if the Polygon bug didn’t, hackers could take away approximately 9.2 billion MATIC, valued at an estimated $ 20 billion would be reported.

As for the steps the team was taking to address the vulnerability, Polygon co-founder Jaynti Kanani said the team had “made the best decision possible, given the circumstances.”

Polygon spent $ 3.46 million on the ethical hacker who reported the bug. In addition, the team says it will pay for the stolen MATIC numbers.

This is not the first time a critical bug has been discovered and patched on Polygon. In October 2021, Polygon fixed a critical bug on the Plasma Bridge that had tied up $ 850 million in funds.

Polygon has not yet given a reason why the hack has not been made public in the last 25 days.

Join Bitcoin Magazine Telegram to keep track of news and comment on this article: https://t.me/coincunews

Follow the Youtube Channel | Subscribe to telegram channel | Follow the Facebook page

Annie

Championing positive change through finance, I've dedicated over eight years to sustainability and environmental journalism. My passion lies in uncovering companies that make a real difference in the world and guiding investors towards them. My expertise lies in navigating the world of sustainable investing, analyzing ESG (Environmental, Social, and Governance) criteria, and exploring the exciting field of impact investing. "Invest in a better future," I often say. That's the driving force behind my work at Coincu – to empower readers with knowledge and insights to make investment decisions that create a positive impact.

Recent Posts

The New Lead of Presidential Crypto Council Appointed by Trump Is Bo Hines

President-elect Donald Trump named Bo Hines as the executive director of the presidential crypto council.

19 minutes ago

Best New Meme Coins with 1000X Potential: BTFD Coin’s Hot BIG50 Discount As Baby Doge Coin, Dogs Takes Gaming to the Next Level

Explore the best new meme coins with 1000X potential. Learn how BTFD Coin leads with…

1 hour ago

BlockDAG Surges Past $170M as BDAG250 Bonus End Countdown Begins – Aave Targets $400 & Solana Shines with Scalability

BlockDAG crosses $170.5M in presale success with BDAG250 bonus and Whitepaper V3 launch! Solana grows…

3 hours ago

Qubetics Presale Price Surge Approaches: The Best Coins to Invest in Right Now While Toncoin, and XRP Gain Traction

Discover why Qubetics, Toncoin, and XRP are the best coins to invest in right now.…

3 hours ago

Book of Meme Old News? This Best Meme Coin to Invest in 2024 Is Multiplying Gains Like a Champ

Over the years, meme coins have evolved from inside jokes into serious investment opportunities.

4 hours ago

Time’s Ticking on BlockDAG’s 5-Tier Bonus- Few Days Left to Grab It While Cardano Whales Take Action, Aave Rallies Strong

Discover BlockDAG's five-tier bonus program's closing phases that enhance buyer holdings. Gain insights on the…

5 hours ago

This website uses cookies.