Tether has released the final $33 million in USDT of Poly Network’s assets after the hacker known as “Mr. White Hat” returned the rest.
Cross-chain decentralized finance (DeFi) protocol Poly Network has fully recovered all of its assets, according to a blog post published yesterday.
On August 10, the protocol suffered the largest DeFi hack to date, with simultaneous exploits on Ethereum, Polygon and Binance Smart Chain resulting in a total loss of $611 million.
Poly Network published the blockchain addresses used by the attacker and urged the crypto community to blacklist coins originating from those addresses. Tether responded quickly, freezing about 33 million USDT held at an Ethereum address.
The hacker, who Poly Network dubbed “Mr. White Hat,” revealed the next day that he had carried out the exploit “for fun” during an on-chain AMA. On August 12, Mr. White Hat returned $342 million of the stolen assets and, the following week, was offered the role of chief security advisor at Poly Network.
On Monday, the protocol revealed that the attacker had shared a private key for a multisignature wallet holding the remaining $141 million, which meant Poly Network had recovered all lost funds except for the $33 million frozen by Tether. The post said the team had been in “close communication” with the stablecoin issuer and were following “Tether’s standard process.”
Yesterday’s blog confirmed that process is complete and that Tether has released 33,431,200 USDT to the multisig address designated by Poly Network.
Poly Network has now entered the fifth phase of its roadmap: service restoration. Asset recovery was the fourth phase. Poly Bridge has restored cross-chain functionality for 59 different assets, while other services will be brought back gradually for security reasons.
Poly Network also launched a bug bounty program on Immunefi with a $500,000 reward pool to help identify any remaining vulnerabilities in the protocol.
“Poly Network thanks Tether for its quick assistance from the beginning of the incident,” the blog post reads, “and we appreciate the support and understanding of our users who patiently awaited the recovery of their assets.”