Polygon, a platform for creating Ethereum-compatible blockchain networks and scaling solutions is the latest crypto venture to be attacked. The home of the MATIC token announced that the platform was exploited by an attacker who stole the native tokens.
The network development team announced through a blogpost that the hack occurred in early December. The hacker stole 801,601 MATIC tokens before the team could fix the security breach. The hack shows that even some of the most secure and popular platforms like Polygon can still be vulnerable to attacks.
Polygon has assured its network users that it has fixed the security issue that allowed the attack. The network earlier engaged a group of white hat hackers who notified the team of possible exploitation of Immunefi, Polygon’s $2million bag bounty. The validator and full node teams confirmed the security breach and proceeded to upgrade 80% of the network within 24 hours.
The upgrade was completed on December 5th without affecting performance of the network in any way with the security issue and damage fixed.
Polygon’s co-founder Jaynti Kanan saw a positive side to the ordeal. He viewed the attack as a test of the network’s resilience and ability to act decisively under pressure. He also warned that all projects achieving massive success will sooner or later face similar situations.
The network confirmed that the foundation would bear the cost of the attack. The statement read, “Polygon paid a total of about $3.46 million as bounty to two white hats who helped discover the bug.”
Polygon Fixing the vulnerability
Even after the successful network upgrade, Polygon is still committed to ensuring the full-proof safety of its platform. For that, it engaged in extensive research to identify existing vulnerabilities that need improvements to ensure network and community resilience in future.
The team has consolidated its partner contact information and communication channels and upgraded critical response processes. Moreover, it has identified and formalised backups for key internal resources to avoid single-point failures in time-sensitive situations.
Similar crypto attacks
Polygon hacking is not an isolated case in the crypto world. Several other platforms have lost assets to hackers in recent times. Research firm, Chainanalysis in its recent report revealed that crypto investors lost $7.7 billion in 2020. The report cites classic rug pull as the leading crypto scam.
Crypto gaming ecosystem, Vulcan Forged lost assets worth around $140 million. The hackers took advantage of the wallet keys held within the platform’s servers to reach 96 wallets. They stole around 23.7% of the project’s circulating tokens.
Crypto exchange, BitMart, also experienced a hacking attack losing $109 million worth of assets. The hackers used a decentralised exchange aggregator called 1inch to swap the stolen assets into Ether tokens.
While the risk of crypto scams and attacks remain high for successful crypto projects, most have shown that they have enough security protocols to secure the platforms. Other platforms can also go the Polygon way to mitigate possible future attacks.