Polygon, an Ethereum-based platform, has “quietly solved” a vulnerability that threatened its native MATIC tokens, which are valued at $24 billion (approximately Rs. 1,78,560). The problem was discovered after one team of cybersecurity professionals alerted Immunefi, a decentralized financial bug bounty site (DeFi). The Polygon network’s bug bounty is hosted by Immune. Notwithstanding swift attempts to remedy the situation, a well-known hacker was able to retrieve 801,601 MATIC tokens worth $2.4 million (roughly Rs. 17.8 crores).
The flaw was discovered in Polygon’s Genesis proof-of-stake (PoS) contract. To address the vulnerability, the network implemented an “Emergency Bor Upgrade.”
“The update was carried out on December 5 at block #22156660 without affecting the network’s liveness or performance significantly.” The vulnerability was patched and the impact was reduced, with no meaningful harm done to the protocol or its end users. “All Polygon contracts and node implementations will remain completely open source,” according to Polygon’s official blog.
However, Polygon was unable to prevent losing around 801,601 Matic coins, which are presently valued at moreover $2 billion.
“The fact that this situation ended happily is a credit to their ability.” Tight communication only with Polygon verifiers aided in averting what might have been a catastrophic calamity,” stated Immunefi’s Dunchan, the company’s Chief Technology Officer.
Polygon co-founder Mihalo Bjelic stated on December 5 that his business was “spending considerably more insecurity and making an effort to strengthen security processes across all Polygon initiatives.” However, the full data were not revealed to the public till on December 29. Polygon’s standard bug bounty program is held at $2 million, but an assumption was created for the White Hat attacker.
Diving into the specifics, the upgrade to resolve the issue was carried out on December 5, although CoinSwitch said that the modification had no significant impact on system performance.
The organization will reimburse for the amount of money taken in the incident, according to its blog.
According to a recent analysis by research firm Chainalysis, scammers stole over $7.7 billion (approximately Rs. 58,697 crores) from cryptocurrency investors this year. According to the survey, the most prevalent type of fraud was the conventional rug pull. Numerous computer hackers on crypto-related businesses have occurred in recent days.
Recently, the symmetric encryption ecosystem Vulcan Forged was hacked, resulting in the loss of $140 million in crypto assets (roughly Rs. 1,062 crores). Hackers allegedly gained access to the keys of 96 wallets, taking 23.7 percent of the program’s circulating token supply.
BitMart, a cryptocurrency exchange, was hacked earlier this month and lost $196 million (approximately Rs. 1,479 crores) in crypto assets. According to NewsRoomPost, the hackers utilized a local market aggregator called 1inch to convert the stolen money for Ether tokens.
A significant cyber assault in October damaged Ethereum-powered lending system Cream Finance digital assets worth $130 million (roughly Rs. 972 crore).