Polygon, an Ethereum-based network has “silently fixed” a vulnerability that had put its native MATIC tokens worth $24 billion (roughly Rs. 1,78,560) at risk. The issue came to light after a group of ethical hackers informed Immunefi, a bug bounty platform associated with decentralised finance (DeFi). Immunefi hosts the bug bounty for the Polygon network. Despite quick measures to resolve the case, notorious hacker(s) were able to steal 801,601 MATIC tokens, making up for around $2.4 million (roughly Rs. 17.8 crore).
The vulnerability was identified in Polygon’s proof-of-stake (PoS) Genesis contract. The network deployed an “Emergency Bor Upgrade” to fix this vulnerability.
“The upgrade was executed on December 5 at block #22156660 without impacting liveness and performance of the network in any major way. The vulnerability was fixed and damage was mitigated, with there being no material harm to the protocol and its end-users. All Polygon contracts and node implementations remain fully open source,” Polygon’s official blog said.
The network also posted a Twitter update on the fix.
All you need to know about the recent Polygon network update.
:white_check_mark:A security partner discovered a vulnerability
:white_check_mark:Fix was immediately introduced
:white_check_mark:Validators upgraded the network
:white_check_mark:No material harm to the protocol/end-users
:white_check_mark:White hats were paid a bounty https://t.co/oyDkvohg33
— Polygon | $MATIC :purple_heart: (@0xPolygon) December 29, 2021
The amount of capital stolen in the attack will be compensated for by the foundation, its blog added.
In a recent report, research firm Chainalysis revealed that scams mooched off over $7.7 billion (roughly Rs. 58,697 crore) from crypto investors this year. The most common form of scam was the classic rug pull, the report said. Several cyber-attacks on crypto-related firms were witnessed in the recent days.
Recently, crypto-gaming ecosystem Vulcan Forged fell prey to a hack attack, losing crypto assets worth $140 million (roughly Rs. 1,062 crore). Hackers reportedly accessed the keys of 96 wallets, stealing 23.7 percent of the project’s circulating supply of tokens.
Earlier this month, crypto exchange BitMart lost $196 million (roughly Rs. 1,479 crore) worth of crypto assets in a hack attack. According to a report by NewsRoomPost, a decentralised exchange aggregator called 1inch was used by the hackers to swap the stolen assets in exchange for Ether tokens.
In October, a major hack attack cost Ethereum-powered lending protocol Cream Finance crypto assets worth $130 million (roughly Rs. 972 crore).