PolyNetwork Hacked Possibly Due To Stealing 3/4 Of Admin’s Private Key: Report
Research by security firm Dedaub said that the root cause of PolyNetwork attack could be the theft of three-quarters of the administrator’s private key. Security firm Dedaub stated in a blog post that the root cause of the attack on the PolyNetwork cross-chain interaction protocol was not a logic error in the smart contract but most likely 3/4 errors in smart contracts. Poly Administrator’s private key has been stolen or misused. Dedaub also mentioned that it took PolyNetwork seven hours to respond to the attack.
Suppose Poly developers confirm that the attack is linked to a compromised signing key. In that case, it raises questions about the applicability of a centralized cross-chain bridge that controls a lot of money. The attack also showed less-than-perfect monitoring of the Poly group of the underlying bridge. If the protocol has been established with a rapid monitoring solution, this will significantly reduce the response time and potentially save some affected money. It was reported yesterday that hackers had released over a dozen assets across several chains through Poly Network, worth $35 billion. The Poly team has paused their EthCrossChainManager smart contract on several chains, most notably on Metis, BSC, and Ethereum.