Poloniex, a prominent digital asset exchange, faced a significant security breach as a crypto wallet associated with the platform experienced suspicious outflows. Blockchain explorer Etherscan revealed the alarming movement of millions of crypto assets from an account identified as Poloniex 4 on November 10.
Initial estimates suggested losses of around $60 million; however, further investigation determined that the attackers managed to drain over $100 million from the compromised wallet. Security experts from CertiK believe that the incident was likely a result of a “private key compromise.” The compromised funds were swiftly transferred to four externally owned accounts, some of which were converted into Ether.
Poloniex’s Response and Investigation
In response to the suspicious outflows, Poloniex took swift action by disabling the compromised wallet. Despite the severity of the situation, the exchange has not yet issued an official statement regarding the security breach. Attempts by Cointelegraph to reach out to Poloniex for comments remain unanswered at this time.
Although the official statement is pending, Justin Sun, the owner of Poloniex since 2019, assured users on social media (formerly Twitter) that the team is actively investigating the hacking incident. Sun stated that they are committed to fully reimbursing affected users and emphasized the exchange’s “healthy financial position.” Furthermore, Sun expressed a willingness to collaborate with other exchanges to recover the lost funds.
In an unconventional move, Justin Sun offered a 5% white-hat bounty to the Poloniex hacker. He set a seven-day deadline for the attacker to return the funds voluntarily, after which the exchange would involve law enforcement authorities in the pursuit of justice.
The offer of a white-hat bounty aims to encourage the hacker to cooperate in securing the funds’ return, highlighting the complexities of the evolving landscape of crypto security.