Ether tokens, which are accessed on the ethereum blockchain, were among those stolen in the crypto heist © Financial Times

Crypto land has been transfixed this week by a brazen and deeply strange heist of about $600m. It has been a cinematic experience, the new-age version of a bank robbery flick, replete with a colourful thief, a squad of digital vigilantes and any number of armchair detectives watching it all play out in real time.

This kind of drama is uniquely crypto. In a traditional bank siege, for example, an observer might need to rely on news helicopters circling overhead for updates. In a crypto heist, you can see it all unfold directly from your own smartphone.

Poly Network, a project that is looking to link up blockchains, the digital ledgers that underlie the crypto asset industry, began ringing the alarm bell on Tuesday afternoon London time. It claimed thousands of digital tokens were stolen and published the address of the virtual “wallets” of the alleged hacker.

The Poly project begged centralised exchanges and miners, which process crypto transactions, to step in to stop the supposed robber from pulling the funds further out of its grasp. It kind of worked. Tether, the operator of a major “stablecoin” that is easily transferred into conventional currencies, said it froze $33m. Major exchange operators such as Binance and OKEx vowed to do what they could to help out.

Meanwhile, the hacker began communicating with Poly through blockchain, something that by the nature of crypto can be easily viewed by the public. Poly appeared to offer the hacker a “bounty” for returning the funds, while the hacker began claiming they were out to “save” the project by highlighting its flaws. “Not so interested in money,” the alleged hacker said.

Dozens of cyber sleuths also stepped on to the scene, combing through clues to see what they could learn about the supposed hacker. An information security group called Slowmist claims to have found identifying information including the villain’s mailbox and internet protocol (IP) address.

It is not exactly clear why, or to what extent, the potential unmasking caused some last-minute jitters, but the hacker has now returned at least $342m. They claim they plan to return the rest of the stolen loot as well.

“It’s good to have a hacker that responds publicly . . . I hope he do[es] the right thing,” said Changpeng Zhao, head of Binance, one of the world’s biggest cryptocurrency groups.

It is a fascinating tale that reveals a lot about where crypto is at the moment. One of the main selling points many crypto advocates make is that these digital markets are more transparent than the conventional financial system because you can see every transaction on blockchains. This particular situation did seem to take those transparency claims to their logical conclusion.

It is also notable that at least as far as we can tell, it does not look like law enforcement has been involved yet. Instead, the system has appeared to try to police itself.

This type of self-enforcement and self-regulation may be something we start seeing much more regularly. Increasingly sophisticated industry bodies are being set up all over the world.

Official enforcement agencies should, of course, play an important role in any alleged crime, but these kinds of informal linkages represent another step in the maturation of the digital asset industry. It is the same way banks and financial institutions that compete on many fronts keep each other abreast of potential cyber risks.

Still, such intervention raises important philosophical questions. The whole point of crypto for many enthusiasts is that it is a decentralised system out of the reach of authorities, be it the government or big institutions. Some have expressed serious discomfort with the idea that central bodies have stepped in, even if their intentions might have been for the greater good.

And indeed, in traditional finance, when the bad guy gets caught, there are consequences. How should crypto respond if they catch the hacker in this or future cases? Do they turn them over to law enforcement authorities, attempt to seize coins on their own, sue them? In a world that sets its own rules, how do you draw a line between a criminal caper and someone just seizing on an opportunity they found in computer code?

“If we leave even a little power in centralisation, we will never be free of this world,” one user wrote to a tether executive on Twitter, adding that since the hacker had merely exploited a vulnerability left by the Poly developers, they should be the rightful owners of the coins.

Reach the journalist on this story at or @adamsamsonFT on Telegram

Copyright The Financial Times Limited 2022. All rights reserved.