Polygon, an Ethereum-based network, has “silently fixed” a vulnerability that had compromised native MATIC tokens worth $24 billion (approximately Rs. 1,78,560). The issue came to light after a group of ethical hackers notified Immunefi, a bug bounty platform linked to decentralized finance (DeFi). Immunefi hosts the bug bounty for the Polygon network. Despite prompt steps to resolve the matter, notorious hacker(s) were able to steal 801,601 MATIC tokens worth about $2.4 million (approximately Rs. 17.8 crore).
The vulnerability was identified in Polygon’s proof-of-stake (PoS) Genesis contract. The network has implemented an “Emergency Bor upgrade” to address this vulnerability.
“The upgrade was performed on December 5 in block #22156660 without affecting network vibrancy and performance in any significant way. The vulnerability has been fixed and damage has been limited, with no material damage to the protocol and end users. All Polygon contracts and node implementations will remain completely open source,” Polygon’s official blog reads.
The network also posted a Twitter update on the fix.
Everything you need to know about the recent Polygon network update.
:white_check_mark:A security partner has discovered a vulnerability
:white_check_mark:Fix was introduced immediately
:white_check_mark:Validators upgraded the network
:white_check_mark:No material damage to protocol/end users
:white_check_mark:White hats got a bounty https://t.co/oyDkvohg33— Polygon | $MATIC :purple_heart: (@0xPolygon) December 29, 2021
The amount of capital stolen in the attack will be compensated by the foundation, according to her blog.
In a recent report, research firm Chainalysis revealed that scams have smuggled more than $7.7 billion (about Rs. 58,697 crore) from crypto investors this year. The most common type of scam was the classic carpet pulling, the report said. In recent days, there have been several cyber attacks on crypto-related companies.
Recently, crypto gaming ecosystem Vulcan Forged fell prey to a hacking attack, in which crypto assets worth $140 million (approximately Rs. 1,062 crore) were lost. Hackers reportedly had access to the keys to 96 wallets and stole 23.7 percent of the project’s circulating supply of tokens.
Earlier this month, crypto exchange BitMart lost $196 million (about Rs. 1,479 crore) in crypto assets in a hacking attack. According to a report by NewsRoomPost, a decentralized exchange aggregator called 1inch was used by the hackers to exchange the stolen assets in exchange for Ether tokens.
In October, a major hacking attack cost Ethereum-powered loan protocol Cream Finance crypto assets worth $130 million (approximately Rs. 972 crore).