Crypto entrepreneur Justin Sun has offered the Poloniex hacker a 5% bounty to return the stolen funds within the next seven days.
Earlier today, Sun said Poloniex was investigating a hacking incident without providing additional information.
While Sun’s statement failed to reveal the extent of the attack, blockchain security firm CertiK reported that its system detected a suspicious movement of $31 million worth of digital assets from Poloniex 4, one of the exchange’s hot wallets.
Crypto analytical firm Scopescan further confirmed that the Poloniex address transferred all tokens to a new address, ‘0x0A59,’ in 40 minutes, with a total value of about $60 million. The new address has also aggressively transferred the stolen funds to more addresses and converted them to Ethereum (ETH). The latest information as of press time shows that Poloniex’s losses have exceeded $100 million.
Table showing the hacked Poloniex assets. (Source: Tom Wan)
On-chain data shows that the stolen assets include bankrupt Voyager VGX tokens, Pepe, Polygon’s MATIC, Aave, TrueUSD stablecoin, Chainlink’s LINK, and others.
Following the incident, Poloniex issued a terse statement, saying:
“Our wallet has been disabled for maintenance. We will update this thread once the wallet has been re-enabled.”
Hacker uses stolen funds to pump TRX
Meanwhile, Scopescan pointed out that the Poloniex attacker used the stolen funds to pump Justin Sun-linked Tron blockchain’s native TRX token.
According to the platform, the attacker is buying TRX with USDC on Ethereum and Tether’s USDT on Tron blockchain.
The attacker has bought over $22 million worth of TRX tokens as of press time.
This buying spree helped increase TRX’s value by nearly 10% on the 1-hour candle to as high as $0.10772, according to CryptoSlate’s data.
Poloniex will refund impacted users
Sun said Poloniex is in a healthy financial position and will fully reimburse the affected funds.
The crypto entrepreneur further said the firm would be exploring opportunities to collaborate with other exchanges to facilitate the recovery of the stolen funds.
Separately, Sun urged the attacker to transfer the stolen funds to Ethereum, Tron, or Bitcoin wallets controlled by the platform or risk facing legal actions.
Zircuit, New ZK Rollup Backed by Pioneering L2 Research Launches Public Testnet
ZBU Token Commence Trading on the Gate.io Exchange