• The Poly Network hacker that goes by the name of “Mr. White Hat” plans to accept the $500,000 bounty reward to incentivize DeFi hack behaviors.
• Most of the funds withdrawn during the hack have been returned, minus the $33 million frozen by Tether.
• My White Hat released a self-proclaimed Q&A session arguing his position and elaborating on his mantra.

Poly Network gained unwanted public attention after becoming the victim of the biggest cryptocurrency heist, amounting to over $600 million. DeFi hacks are becoming more of a phenomenon as the financial incentives are dawning. Yet Mr. White Hat, the now-famous hacker, or group of hackers, agreed to return the stolen funds without initially accepting the $500,000 bounty reward. Although the end was in sight, the dynamics of the issue have changed, especially when studying the hacker’s (or hackers) stated intentions.

What’s the Scope of the Diary?

As reported by Elliptic, Mr White Hat published messages through Ethereum transactions that have been shared on Twitter by Tom Robinson, the co-founder of Elliptic. The hacker expressed his/her/their take on the Poly Network situation, revealing his reasons, emphasizing a part of his background, and most importantly, underlining that he always meant to return the funds. Moreover, he highlighted that he intended to raise awareness without causing any harm to any party involved.

Following discussions with Mr. White Hat, Poly Network toned down their aggressive tone, expressing their gratitude for the hacker’s actions and offering a $500,000 bounty award, which the hacker declined – at first. Then, in a public message broadcasted to the Ethereum network, Mr. White Hat agreed to accept the bounty but hinted that he/she/they might use it reward hackers that can hack the Poly Network.

While discussions and the retrieval of the funds seemed like a formality, Mr. White Hat’s latest message appears to be more misleading. Reports from the Poly team indicated they are relying on the hacker to provide the private keys of the 3/4 multi-sig wallet.

On The Flipside

• Cybercrimes are no novelty but the immaturity of the space invites bad actors to take advantage of user’s funds.
• Blockchain security firms need to be held accountable if any loopholes or hacks are being exploited by hackers.
• A THORChain hacker managed to hack the protocol twice while exploiting network vulnerabilities.

White Hack in at the Flip of a Switch

The behavior of the Poly Network hacker bears a resemblance to a rogue movie character that sticks to his guns, irrespective of how damaging they are for those involved. Mr. White Hat’s actions align with the findings of “The Hacker Mentality” that illustrates hackers have narcissistic mentalities. Other researchers, however, argue hackers can be driven by challenge and the satisfaction of success.

The hacker’s latest statement reveals opposition behaviors from his first public network broadcast to the current iteration of his narrative. Interestingly Mr. White Hat highlights his anonymity and ongoing control of the situation. Moreover, Slowmist reported the company managed to obtain the IP and e-mail addresses, which might have caused the hacker to change the narrative.

White hat (ethical) hacking etiquette and unwritten protocol suggests hackers should bring issues to development teams without engaging in any illegal activity. Declan Doyle, Head of Ethical Hacking at the Scottish Business Resilience Centre describes white hat hacking as permissioned hacking, noting “the intent is completely different.” Mr. White Hat’s initial claim of engaging in white hat hacking could convince the likes of Poly Network who are eager to recuperate their losses. However, the circumstances surrounding the hacker’s awakening and entire narrative raises some red flags as to whether his intentions were genuine from the start.

It is worth noting that the funds have not yet been recovered; the hacker mentioned they would only be returned in full when everyone is ready. Given the current state of the issue and Mr. White Hat’s confident behavior there is more to come, which might indicate Slowmist’s report and findings could have prompted the hacker to turn the tables on Poly once again.

Why You Should Care?

Investing and interacting with DeFi projects comes with a big risk because they operate in an unregulated market and regulators or developers do not guarantee fund security.