Kristopher J. Brooks – CBS News
An unknown cyber thief or hacker group is returning some money after stealing an estimated $611 million from a cryptocurrency exchange in what’s being called one of the largest heists of its kind.
The company, called Poly Network, revealed the incident in a tweet late Tuesday. In a separate statement posted on Twitter, Poly Network pleaded with the hacker, or hackers, “to return the hacked assets.”
The plea appeared to work. Not long after the theft, the company said it received a message saying that the funds would be returned, though not how much. Poly Network said it instructed the hackers where to send the stolen cryptocurrency. By Wednesday afternoon, the person or persons behind the hack had returned $260 million, Reuters reported.
Xiamen Slowmist Technology, a blockchain security firm based in China, said it uncovered the hacker’s IP address and email information. In a blog post for Medium, the firm explained how the hacker executed the attack. Cybercriminals took advantage of a vulnerable spot in Poly Network’s code, in which hackers can send cryptocurrency to one another without being detected, Slowmist concluded.
The Poly Network incident is the latest in a string of cybercrimes this year, experts said. Hackers have stolen at least $474 million between January and July, according to a report from cryptocurrency compliance firm CipherTrace.
As cybercrime proliferate, new Securities and Exchange Commission Chair Gary Gensler said it’s time to place protections around the cryptocurrency market. Gensler said during a security forum in Washington earlier this month that cryptocurrency is “rife with fraud, scams and abuse” and is “more like the Wild West.”
Crypto space largely unregulated
Although it is growing in popularity, digital currencies like bitcoin have been left largely unregulated in the U.S. and with the exception of China, other countries. Gensler said cryptocurrencies are unregistered securities that don’t come with market oversight or proper disclosures to educate investors. That leaves prices open to manipulation and investors unprotected, he said.
Although the SEC has brought and won dozens of cases against fraudsters, Gensler said the agency needs more authority from Congress to regulate the crypto markets.