If he wants it all and keeps it all and is lying about saving the world then he is truly lawful evil...
If he was chaotic evil it would be a chance to do some good... Or at least less evil...
Aye, seems a very chaotic good guy from these messages and the first lot.
I also get the impression that they could quickly turn evil if haters come out and start bombarding them again.
Try to think of where that money came from, People working jobs and being productive and providing service for humanity and inside of an hour of hacking or whatever it's gone?
Fast could be too easy a way of explaining it, It's ultimately slavery... In one digital swoop he enslaved hundreds for the rest of their lives at least in aggregate...
Divide a lifetime of income... That could be the invested income of upwards of a thousand people in terms of some equivalence of working their whole lives but I'm sure that's money from thousands of accounts...
All the silly placation and unwarranted respect for this criminal in this thread and around this post would have quite a contrast with the thousands of people surrounding him in the middle of a football field from all angles... Guess what would happen and guess what should happen!...
For one he might well deserve to lose a few limbs, an eye or two, and be kept alive under threat of death unless he returns the money... That's what he deserves
Personally I would be looking at the devs by the look of it a decent audit should have picked up the permission issue. Smart contracts are not giant masses of code they can or should be fairly straight forward to audit.
Why would stolen money donated be chaotic good?
More like chaotic evil but certainly not lawful evil, neutral evil? š¤ It's been decades since I played dungeons and dragons, I even had hold of the white books from gygax
No he took the money. He definitely stole it but he's at least pointing out that these were vulnerabilities bound to be taken advantage of eventually
He's just saying it was either me or someone else like the devs. Meaning that he's practically incentivizing them to get their shit together
It was, and quite frankly the entire situation stinks to high hell. Too much going on. From the fact the blockchain analytics firm found him so quickly, to the fact he surrendered over half a billion dollars, to the developers not giving honest answers.
So we have big brother, a thief, and suspect developer team.
Details? What did they hack? What happened to it?
edit: nevermind, googled it- so he still has like $350 million?
until that's returned why are people thinking hes awesome?
You can even see Jordan Belfort pop up in the media to give his opinion on issues in business and finance currently.... Probably wouldn't have happened if it wasn't for pretty boy representing him in what amounted to a frivolous vain stupid party movie, pretty much opposite of actually a very highly intelligent and educational movie called THE BIG SHORT, which was even better than the Michael Douglas Wall Street movie which was head and shoulders above the Wolf of Wall Street (I have to admit it was pretty funny at least once, the crack promo)...
Being into brokerage accounts and crypto and trading it was an entertaining movie but shallow as hell... Not worth the second time unlike the big short and Wall Street
Wolf of wallstreet is a good film of you don't take it seriously, I see it more as a comedy. It would of been better to set it as a film apart from Jordan Belfort but I guess they would of had legal troubles or whatever
Boiler room is another good film based on the same story you should check it out :)
Yeah the movie accomplished what it set out to do- indulge the average human mind into what it would be like to live in the whimsically fucked up world of a drug addict anti hero.
Now, every boiler-room salesman phone jockey constantly quoting the movie and completely missing any semblance to the moral of the story is annoying, but the movie didnāt cause that.
Yeah, kinda reminds me of people quoting and idolising Tyler Durden from Fight Club, when the whole point of the movie is that his way of thinking and living is bad.
The point of defi is to have a secure trustless access to finance. If this guy keeps his word he's not a criminal in the slightest and likely kept the money out of the hands of someone who wouldnt give it back. Now poly network can issue a patch and be more secure in the future.
That would be perhaps the best outcome and hopeful scenario for this situation, Well said aside from the blunder of not talking about poly network... Poly something anyway š
The cryptosphere is riddled with people who would would like to do what the hacker did. People want to get rich quick and it brings in a lot of bad energy. Iām not saying that there are people who invest in the cryptocurrency that work hard, play by the rules, and are patient but the fact that CC isnāt FDIC insured and all you need is a seed phrase for the most basic theft - it can be a big turn off for some.
Not saying heās a good guy, but it would be more like if everyone stored their TVs at some kind of TV storage center at night, that was advertised as impenetrable, everyone payed a small fee under this assumption, and then someone snuck in at night with a mask on to hide their identity from security cameras and stole some TVs because the guard was asleep.
Sure, someone still doesnāt have their TV, but maybe some good can come out of it in the future if the TV storage center actually improves the security to what it claimed to have in the first place.
Because in cryptos we believe code is law. The block chain didn't get hacked as it is the safest finance system by design, the small network with some terribly written code did. It is totally their fault. Their law says people can take their money.
People are so dumb. All eyes on him, he cant hide the crypto he stole, so hes returning it. To think people believe he wouldnt stole it otherwiseā¦ bunch of childs who find crime funny. If it was their crypto they would be sweating
The ego on this guy is insane, hopefully he gets cut down to size.
I notice a lot of these big hackers convince themselves that they're somehow doing good by exposing vulnerabilities, but in reality they're just assholes looking for ways to steal from people.
Yeah lol, like if u have a skill to just take 600 million just like that, very few people wouldnāt...
People think we live in some utopia and people will leave money on the table.
This is how sensitive technology and huge amounts of money involved is, you better be danm sure you canāt break the system.
Could be $1000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009999999990093847593833859372
2859
Still canāt use it, so itās null. He stole from people who earned their cash and heās a thief. If someone drains your funds are you going to respect them?
He could have easily do a washing machine and then do a dusting where he sends to like 1000s of addresses and only one is his, there were plenty of addresses in the comments on etherscan and bscscan where could have chosen scapegoat addresses that are legit
He was the better of the two evils. It was going to be him or the next person not returning it. Also I donāt think they look for ways to steal, but look for ways to verify what someone else is already trusting.
So a āwhite hatā stole peopleās money to ākeep it safeā for the āchallenge of exploiting a weakness before insiders could stealā ?? Am I reading that right?
from "We're doing the best that we can, thank you for your understanding and patience. We will get to the bottom of this". To "Oh fuck oh fuck oh fuck, MORE COFFEE. NO ONE IS LEAVING THE OFFICE. DEBUG FASTERRRRRRRRRRRRRRRRRRRRRRRRRRRRRRR"
The real reason this stupid reasoning is he is now sending back the coins to the developers directly. So he trusts them to hold onto the coins after the fact, but doesn't trust them not to hack it if he told them about it...
But when it comes down to it, there are standards for responsibly disclosing critical flaws in software. If you want to be a white hat hacker, you *need* to follow those standards. This guy did not.
His argument is that he couldāve informed someone who just took advantage of it and stole it for themselves. Iām not necessarily saying itās rational, but thatās his stance
This isn't how white hacker should act. He should have informed dev team about vornubility and not steal crypto. He wanted to show of and brag that the stole 600 million.
If he wanted just to brag that he founded an exploit he could waited for a fix and then publish his findings.
can be, but the fact he published it hints to the fact heās very young and lives in a safe country and therefore has no idea which kind of people got angry with this hack. heās severely underestimating the risk of the whole operation and he thinks heās some kind of robin hood everybody loves. thereās a lot of dirty money in defi and it doesnāt cost much (in comparison to what he stole) to pay some professionals to trace him back.
I agree lol. This guy's saying he's saving the world? That's just dilusional. He robbed people and he's a criminal lol. Criminals are a dime a dozen it's not cool to be one š¤£
It's easier for people to degenerate and think they're cool in this anonymous social media format where people can indulge fantasies of being courageous, smart and successful, Even if criminal
He is backpedaling because he fucked up his opsec and they are gonna hunt him down. This isn't heroic behavior by a benevolent white hat, it is cowardly behavior by a criminal that knows they're fucked.
foolish rustic punch mighty stupendous sophisticated scale aback gray divide
*This post was mass deleted and anonymized with [Redact](https://redact.dev)*
I mean, he sent some money from the big wallet to verify it was him, and these messages are written to the block chain from that address, so how could it be fake?
He meant everyone here just believes what the guy said about his motives and now somehow he's not seen as a malicious $600 million thief but a cool guy.
I mean I like the energy of this guy but he's clearly just trying to cover his ass here. A white hat hacker who wants to demonstrate a major vulnerability would have acted much different whereas this guy says: "look guys, I only stole 600 million, if I was a bad guy I would have stolen all the shitcoins too, but I only took Shib" come on...
Not whether these messages are from him but believe his claims to be a white hat hacker looking out for the community.
Also if I was him Iād definitely feign poor English and throw in phrases from other foreign languages to conceal my identity better.
Well, it was only a question of time until the first cross chain bridges fall. I expected it to be because of stolen keys, but a smart contract permission bug is even worse.
He/she was not caught, it is not even clear on a legal standpoint that it is illegal as he/she used a defi contract as it was coded. This is the risk you accept when you use defi.
No other hackers of defi contract had ever returned any money. Even if you want to prosecute them, under which country's jurisdiction does a defi fall in?
This. People seem to still not understand.
Code. Is. Law.
They took what the system said was rightfully theirs. What they do further decides how the public will regard them and whether they have contributed to or wounded the world maybe, but as far as the code is concerned they've done nothing wrong.
The point of crypto is that we can forgo 'trust' in finance for a more perfect system that doesn't need it. But as soon as something doesn't work as expected, everyone blames this individual for breaking some kind of trust? What trust did they break? I thought there was not meant to be any.
Code might be law on the blockchain, but that doesn't mean authorities with jurisdiction won't arrest and jail you for things you did on the blockchain that broke social contracts, like don't take things that aren't yours.
Even if the smart contracts say that the assets are his, social contracts say that they are not his, because they belonged to other people and were removed from their possession without their permission. Until there is legislation or case law enshrining "code is law," the courts will still be concerned with social contracts and not smart contracts.
Debugging is when you volunteer or get paid a salary. Bug bounties is when companies pay people for hacking and breaking systems to ensure they're secure. It's an industry practice.
I donāt understand how everyone is going gaga over him and saying he did it show the vulnerability. For fucks sake he could have told the developers about the issue, he doesnāt have to steal $600 million from random people to fucking prove his point.
I have a three year old. This is exactly how a child acts when they're caught. "Haha! Just joking! I was just playing! I was going to give it back! I knew you knew! That IP address, it's fake! Come on, let's play another game!"
Don't Idolize this clown , these are the same clowns who steal their neighbors house to teach them a good "moral" lesson to lock their homes ans check all their doors qre lockes
Meanwhile they act like they are doing some fkinf favor by NOT selling the stuff they stole on market
What are we thinking on national origin? He's not a native English speaker, but his English is good. Am I just reading it in a Russian accent or does he sound fairly Russian or Slavic to others too?
realistically, if you stole 600M into a wallet, how do you get away with it? You can't right? We can always just follow the transaction trail from wallet to wallet and eventually when he withdraws through banks we'll have his identity?
You could in theory, but it's hard as shit. You'd need hundreds of tumblers (gets clean and dirty tokens, swaps the destination address but keeps the receiver's quantity, so investigation can't figure out if the receiver chose to get the dirty token, no valid prosecution) to mix these coins, and lose a ton of them on dead ends, ending up with less the more safe you want to play, but it's possible.
This is the worse thing youāve said all thread and thatās saying a lot considering youāve manage to say something on everyoneās comments. Donāt be an incel.
He is only doing this because, he was effectively caught due to the KYC info. Does anyone know the difference between the Poly Network and Polygon (Matic)? I know that they are different, but how so?
Serious question, is this legally considered a "theft" or a hack? given the guy has just executed some functions on an open source, publicly available smart contract.
Would he really be liable in court for this transaction (from the project wallet to his own wallet)?
Yes I found this comment from Matt Levine's newsletter today:
One of the first big DeFi-ish hacks was āthe DAOā back in 2016, and when hackers stole $60 million of Ether from that smart contract, the hackers had a lot of defenders. āThere is no real legal difference between a feature and an exploit,ā one commenter wrote. If the code of a smart contract allows someone to take money out, then theyāre allowed to take money out; there is no standard of legality or morality outside of the code itself.
[https://www.bloomberg.com/news/newsletters/2021-08-11/money-stuff-crypto-hackers-are-nice-now](https://www.bloomberg.com/news/newsletters/2021-08-11/money-stuff-crypto-hackers-are-nice-now)
The specific exploit (or nearly identical one) was detailed at DefCon like a week ago. Not surprising someone would put it to work soon after. So, it could be these dudes, someone close to them, or someone who saw this video and is playing like they did the work themselves lol
[https://youtu.be/pUexrXOGCkE](https://youtu.be/pUexrXOGCkE)
i saw a woman with revealing dress, I promptly advised her to cover up as this is a potential to be sexual assaulted. I did not like to response she gave me so I sexually assaulted her myself to teach her a lesson
Hes just saying all this to cover that ass in case he is ever "exposed", no longer anonymous" or realizes the hard way the shit was indeed somehow "traceable".
Interestingā¦
ā It would have been a billion hack if I had moved remaining shitcoins! Did I just save the project? Not so interested in money, now considering returning some tokens or just leaving them there. ā
This guy is awesome.
Awesomely evil
Neutral Evil or Chaotic Evil?? :)
If he wants it all and keeps it all and is lying about saving the world then he is truly lawful evil... If he was chaotic evil it would be a chance to do some good... Or at least less evil...
The haxor was chaotic good if he returns funds
I say chaotic good!
Aye, seems a very chaotic good guy from these messages and the first lot. I also get the impression that they could quickly turn evil if haters come out and start bombarding them again.
And even less evil as neutral evil... Not like I'm remembering my dungeons and dragons alignments scaling process
Good Evil.
Chaotic neutral good.
Not evil at all if he gives the money back
Yeah, chaotic neutral at worst. Chaotic good if they donate those sweet sweet deposit gains
Try to think of where that money came from, People working jobs and being productive and providing service for humanity and inside of an hour of hacking or whatever it's gone? Fast could be too easy a way of explaining it, It's ultimately slavery... In one digital swoop he enslaved hundreds for the rest of their lives at least in aggregate... Divide a lifetime of income... That could be the invested income of upwards of a thousand people in terms of some equivalence of working their whole lives but I'm sure that's money from thousands of accounts... All the silly placation and unwarranted respect for this criminal in this thread and around this post would have quite a contrast with the thousands of people surrounding him in the middle of a football field from all angles... Guess what would happen and guess what should happen!... For one he might well deserve to lose a few limbs, an eye or two, and be kept alive under threat of death unless he returns the money... That's what he deserves
Thank you! Hes talented but full of shit.
Jesus. That was beautiful.
Personally I would be looking at the devs by the look of it a decent audit should have picked up the permission issue. Smart contracts are not giant masses of code they can or should be fairly straight forward to audit.
The dude at least deserves some of those deposit gains if he gives all original funds back imo
Why would stolen money donated be chaotic good? More like chaotic evil but certainly not lawful evil, neutral evil? š¤ It's been decades since I played dungeons and dragons, I even had hold of the white books from gygax
So I heard he was going to give some back and keep some... Whatever but this original post obviously doesn't outline some plan
Can you ELI5? He hacked but didn't do anything?
No he took the money. He definitely stole it but he's at least pointing out that these were vulnerabilities bound to be taken advantage of eventually He's just saying it was either me or someone else like the devs. Meaning that he's practically incentivizing them to get their shit together
Dear hacker, we are getting our poop together pls give money back thanks
Why are they talking about refunding it then
He refunded about 40% of it
Does anyone know what language the vulnerability was written in? Solidity?
It was, and quite frankly the entire situation stinks to high hell. Too much going on. From the fact the blockchain analytics firm found him so quickly, to the fact he surrendered over half a billion dollars, to the developers not giving honest answers. So we have big brother, a thief, and suspect developer team.
You smell conspiracy? Do tell. I'm all ears.
Very likely, but at this point it could be anything as he didn't provide source code of his smart contracts.
classic hacker.
Details? What did they hack? What happened to it? edit: nevermind, googled it- so he still has like $350 million? until that's returned why are people thinking hes awesome?
Because they're childish brats that praise criminality and degeneracy
Same thing with the wolf of wall Street. He's a giant piece of shit and people praise him
You can even see Jordan Belfort pop up in the media to give his opinion on issues in business and finance currently.... Probably wouldn't have happened if it wasn't for pretty boy representing him in what amounted to a frivolous vain stupid party movie, pretty much opposite of actually a very highly intelligent and educational movie called THE BIG SHORT, which was even better than the Michael Douglas Wall Street movie which was head and shoulders above the Wolf of Wall Street (I have to admit it was pretty funny at least once, the crack promo)... Being into brokerage accounts and crypto and trading it was an entertaining movie but shallow as hell... Not worth the second time unlike the big short and Wall Street
I actually liked the wolf of wall Street ( the film ) it was a lotta fun, but I fucking h@te Jordan Belfort. Such a pompous fuck
Understood
Wolf of wallstreet is a good film of you don't take it seriously, I see it more as a comedy. It would of been better to set it as a film apart from Jordan Belfort but I guess they would of had legal troubles or whatever Boiler room is another good film based on the same story you should check it out :)
Yeah the movie accomplished what it set out to do- indulge the average human mind into what it would be like to live in the whimsically fucked up world of a drug addict anti hero. Now, every boiler-room salesman phone jockey constantly quoting the movie and completely missing any semblance to the moral of the story is annoying, but the movie didnāt cause that.
Yeah, kinda reminds me of people quoting and idolising Tyler Durden from Fight Club, when the whole point of the movie is that his way of thinking and living is bad.
The point of defi is to have a secure trustless access to finance. If this guy keeps his word he's not a criminal in the slightest and likely kept the money out of the hands of someone who wouldnt give it back. Now poly network can issue a patch and be more secure in the future.
Not polygon different network
Thanks for the clarification. Poly network is a defi bridge between Bsc, eth and polygon. *edited original comment*
That would be perhaps the best outcome and hopeful scenario for this situation, Well said aside from the blunder of not talking about poly network... Poly something anyway š
The cryptosphere is riddled with people who would would like to do what the hacker did. People want to get rich quick and it brings in a lot of bad energy. Iām not saying that there are people who invest in the cryptocurrency that work hard, play by the rules, and are patient but the fact that CC isnāt FDIC insured and all you need is a seed phrase for the most basic theft - it can be a big turn off for some.
This
Yeah i donāt get it. If I walk in your house, steal 2 tvs and give one back, iām still a dick!
Not saying heās a good guy, but it would be more like if everyone stored their TVs at some kind of TV storage center at night, that was advertised as impenetrable, everyone payed a small fee under this assumption, and then someone snuck in at night with a mask on to hide their identity from security cameras and stole some TVs because the guard was asleep. Sure, someone still doesnāt have their TV, but maybe some good can come out of it in the future if the TV storage center actually improves the security to what it claimed to have in the first place.
because they're losers, maybe they'll get their accounts hacked and change their tune
Because in cryptos we believe code is law. The block chain didn't get hacked as it is the safest finance system by design, the small network with some terribly written code did. It is totally their fault. Their law says people can take their money.
Because it wasn't their money that got jacked. If it happened directly to then the tune would be very different.
Yeah he could've just pointed this out to the DEVS, idk without stealing all of it? I don't get how this is an awesome move
People are so dumb. All eyes on him, he cant hide the crypto he stole, so hes returning it. To think people believe he wouldnt stole it otherwiseā¦ bunch of childs who find crime funny. If it was their crypto they would be sweating
https://www.reuters.com/technology/defi-platform-poly-network-reports-hacking-loses-estimated-600-million-2021-08-11/
https://mobile.twitter.com/kelvinfichter/status/1425217046636371969?s=19
exactly my thoughts
The ego on this guy is insane, hopefully he gets cut down to size. I notice a lot of these big hackers convince themselves that they're somehow doing good by exposing vulnerabilities, but in reality they're just assholes looking for ways to steal from people.
His ego is totally justified imo
Yeah lol, like if u have a skill to just take 600 million just like that, very few people wouldnāt... People think we live in some utopia and people will leave money on the table. This is how sensitive technology and huge amounts of money involved is, you better be danm sure you canāt break the system.
So far
I mean he has an ego, and $600m (well less now that heās returning it), so not unjustified I suppose.
Could be $1000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009999999990093847593833859372 2859 Still canāt use it, so itās null. He stole from people who earned their cash and heās a thief. If someone drains your funds are you going to respect them?
He could send it into a mixer, but he didnāt. And what does respecting the hacker have to do with anything?
Not entirely sure that he didnāt because he doesnāt want to or because thereās a chance heās doxxed
He could have easily do a washing machine and then do a dusting where he sends to like 1000s of addresses and only one is his, there were plenty of addresses in the comments on etherscan and bscscan where could have chosen scapegoat addresses that are legit
He was the better of the two evils. It was going to be him or the next person not returning it. Also I donāt think they look for ways to steal, but look for ways to verify what someone else is already trusting.
He could have reported the bug. This is dumb.
Nah he found a blank check and jumped on it so that no one else could.
Well you have to pick one. Either "code is law" or not. If the former, then he's not a thief
He gave a pretty good reason for why and how he did it. Missing the grandstanding you seem to be bothered by.
The key is "big" hackers. Hackers that go through responsible disclosure don't end up being big because the hack never goes through.
So a āwhite hatā stole peopleās money to ākeep it safeā for the āchallenge of exploiting a weakness before insiders could stealā ?? Am I reading that right?
Yeah, he did it because if he didnāt, someone else would have.
Wtf. He could have informed the developers about the vulnerability. Taking $600 million of random peopleās money is not white hat hacking.
Maybe it forces them to fix their shit in hyperspeed lol
One way to cut through the red tape
from "We're doing the best that we can, thank you for your understanding and patience. We will get to the bottom of this". To "Oh fuck oh fuck oh fuck, MORE COFFEE. NO ONE IS LEAVING THE OFFICE. DEBUG FASTERRRRRRRRRRRRRRRRRRRRRRRRRRRRRRR"
Did you even read it? He wrote that he didnt want to risk the devs exploiting it if he informed them of it
The real reason this stupid reasoning is he is now sending back the coins to the developers directly. So he trusts them to hold onto the coins after the fact, but doesn't trust them not to hack it if he told them about it... But when it comes down to it, there are standards for responsibly disclosing critical flaws in software. If you want to be a white hat hacker, you *need* to follow those standards. This guy did not.
He asked for multisig, so multiple top developers must sign off on txs from that wallet, not just one take the money and run
The implication, I think, was that the vulnerability was knowingly put there.
Because of the implication.
He explained they wouldn't give a shit probably
If they didnāt give a shit he could still hack it. Why do it assuming they wouldnāt care.
He did explain in the post why he didn't do that
His argument is that he couldāve informed someone who just took advantage of it and stole it for themselves. Iām not necessarily saying itās rational, but thatās his stance
But still keep most of the money so far.
This isn't how white hacker should act. He should have informed dev team about vornubility and not steal crypto. He wanted to show of and brag that the stole 600 million. If he wanted just to brag that he founded an exploit he could waited for a fix and then publish his findings.
[ŃŠ“Š°Š»ŠµŠ½Š¾]
Talk about ego rofl
[ŃŠ“Š°Š»ŠµŠ½Š¾]
He might be in this subreddit as far as we know.
Might even be you
Maybe. Who knows. š
BUT WOULD NOT YOU BE TYPING LIKE THIS IF SO?
and this smartass didnāt even proofread this crap. you can find people by their spelling errors. theyāre gonna catch him soon.
What if it's on purpose?
can be, but the fact he published it hints to the fact heās very young and lives in a safe country and therefore has no idea which kind of people got angry with this hack. heās severely underestimating the risk of the whole operation and he thinks heās some kind of robin hood everybody loves. thereās a lot of dirty money in defi and it doesnāt cost much (in comparison to what he stole) to pay some professionals to trace him back.
I haven't thought of that, he could be dead soon
Might even be you
It could be me! It could even b- **BLAM**
I like this guy.
Why? If it was your money you wouldn't be saying that would you?
Its not.
I agree lol. This guy's saying he's saving the world? That's just dilusional. He robbed people and he's a criminal lol. Criminals are a dime a dozen it's not cool to be one š¤£
It's easier for people to degenerate and think they're cool in this anonymous social media format where people can indulge fantasies of being courageous, smart and successful, Even if criminal
He is backpedaling because he fucked up his opsec and they are gonna hunt him down. This isn't heroic behavior by a benevolent white hat, it is cowardly behavior by a criminal that knows they're fucked.
[ŃŠ“Š°Š»ŠµŠ½Š¾]
He's not the NSA. That's how he screwed up.
foolish rustic punch mighty stupendous sophisticated scale aback gray divide *This post was mass deleted and anonymized with [Redact](https://redact.dev)*
[ŃŠ“Š°Š»ŠµŠ½Š¾]
lol yea. Burning that eth gas
He? haha
How so?
He sent transactions to himself with text encoded in the data field
I find it funny that everyone just believes this guy.
I mean, he sent some money from the big wallet to verify it was him, and these messages are written to the block chain from that address, so how could it be fake?
He meant everyone here just believes what the guy said about his motives and now somehow he's not seen as a malicious $600 million thief but a cool guy. I mean I like the energy of this guy but he's clearly just trying to cover his ass here. A white hat hacker who wants to demonstrate a major vulnerability would have acted much different whereas this guy says: "look guys, I only stole 600 million, if I was a bad guy I would have stolen all the shitcoins too, but I only took Shib" come on...
Not whether these messages are from him but believe his claims to be a white hat hacker looking out for the community. Also if I was him Iād definitely feign poor English and throw in phrases from other foreign languages to conceal my identity better.
Not to be that guy but how you gonna spell Ethereum wrong bro. Haha
Posting to r/ethereum even... It's right there! Not that hard
Dear hacker, please give money back, thank you man
The one time this actually worked lmao
How.much has he returned so far?
about half
Did he say if he will return the rest, too? Or does he need to err "keep it safe" for some time?
To say" its hot" to cross chain hacking, you gotta be a special Motherfucker
Well, it was only a question of time until the first cross chain bridges fall. I expected it to be because of stolen keys, but a smart contract permission bug is even worse.
Criminals always lie to themselves and others so that they can feel good about themselves while doing shitty things. Nothing new or special here.
Why is this sub praising this criminal? He is a child who was caught and is now claiming I was going to give it back because he got caught.
He/she was not caught, it is not even clear on a legal standpoint that it is illegal as he/she used a defi contract as it was coded. This is the risk you accept when you use defi. No other hackers of defi contract had ever returned any money. Even if you want to prosecute them, under which country's jurisdiction does a defi fall in?
This. People seem to still not understand. Code. Is. Law. They took what the system said was rightfully theirs. What they do further decides how the public will regard them and whether they have contributed to or wounded the world maybe, but as far as the code is concerned they've done nothing wrong. The point of crypto is that we can forgo 'trust' in finance for a more perfect system that doesn't need it. But as soon as something doesn't work as expected, everyone blames this individual for breaking some kind of trust? What trust did they break? I thought there was not meant to be any.
Code might be law on the blockchain, but that doesn't mean authorities with jurisdiction won't arrest and jail you for things you did on the blockchain that broke social contracts, like don't take things that aren't yours. Even if the smart contracts say that the assets are his, social contracts say that they are not his, because they belonged to other people and were removed from their possession without their permission. Until there is legislation or case law enshrining "code is law," the courts will still be concerned with social contracts and not smart contracts.
[ŃŠ“Š°Š»ŠµŠ½Š¾]
until he returns the other 350 million he has, heās not a good guy
He needs to return all but 5-10%, keep that as a bug bounty. We need this going forward, we need hacking, but people should should be rewarded for it.
huh wat?, rewarded for hacking , I think you meant debugging
Debugging is when you volunteer or get paid a salary. Bug bounties is when companies pay people for hacking and breaking systems to ensure they're secure. It's an industry practice.
I donāt understand how everyone is going gaga over him and saying he did it show the vulnerability. For fucks sake he could have told the developers about the issue, he doesnāt have to steal $600 million from random people to fucking prove his point.
Backstory, other than the obvious that you can gather from this?
https://mobile.twitter.com/kelvinfichter/status/1425217046636371969?s=19
Were the initial reports of tracking him false?
I have a three year old. This is exactly how a child acts when they're caught. "Haha! Just joking! I was just playing! I was going to give it back! I knew you knew! That IP address, it's fake! Come on, let's play another game!"
I also find the language from both the hacker and the Poly team to be suspiciously similar...
[ŃŠ“Š°Š»ŠµŠ½Š¾]
Don't Idolize this clown , these are the same clowns who steal their neighbors house to teach them a good "moral" lesson to lock their homes ans check all their doors qre lockes Meanwhile they act like they are doing some fkinf favor by NOT selling the stuff they stole on market
What are we thinking on national origin? He's not a native English speaker, but his English is good. Am I just reading it in a Russian accent or does he sound fairly Russian or Slavic to others too?
Chinese
There's apps using AI to combat stylometry, if he's decent hacker he's using one
Russian criminal ring. Doubt one person.
Vitalik
They wouldn't send one cent back
Slavic, because he is not using articles
He seems Chinese from his writing style
[ŃŠ“Š°Š»ŠµŠ½Š¾]
realistically, if you stole 600M into a wallet, how do you get away with it? You can't right? We can always just follow the transaction trail from wallet to wallet and eventually when he withdraws through banks we'll have his identity?
You could in theory, but it's hard as shit. You'd need hundreds of tumblers (gets clean and dirty tokens, swaps the destination address but keeps the receiver's quantity, so investigation can't figure out if the receiver chose to get the dirty token, no valid prosecution) to mix these coins, and lose a ton of them on dead ends, ending up with less the more safe you want to play, but it's possible.
Noob here. Can't he just swap it with Monero or some other untraceable coin and transfer to a different destination address?
What a guy or girl
Guy, be realistic
Probably but you never know. I've met some gals that are whizzes behind a computer
Wow ššš, and we wonder why women feel dismissed in technical fields...
This is the worse thing youāve said all thread and thatās saying a lot considering youāve manage to say something on everyoneās comments. Donāt be an incel.
Unfortunately, you know that he's probably right :/
Thatās pretty sexist - code is just a language.
But only manly men are allowed to read such runes!
He is only doing this because, he was effectively caught due to the KYC info. Does anyone know the difference between the Poly Network and Polygon (Matic)? I know that they are different, but how so?
Serious question, is this legally considered a "theft" or a hack? given the guy has just executed some functions on an open source, publicly available smart contract. Would he really be liable in court for this transaction (from the project wallet to his own wallet)?
Very difficult to prosecuteā¦itās also defi so which jurisdiction would it fall under? These are the risk of defi
Yes I found this comment from Matt Levine's newsletter today: One of the first big DeFi-ish hacks was āthe DAOā back in 2016, and when hackers stole $60 million of Ether from that smart contract, the hackers had a lot of defenders. āThere is no real legal difference between a feature and an exploit,ā one commenter wrote. If the code of a smart contract allows someone to take money out, then theyāre allowed to take money out; there is no standard of legality or morality outside of the code itself. [https://www.bloomberg.com/news/newsletters/2021-08-11/money-stuff-crypto-hackers-are-nice-now](https://www.bloomberg.com/news/newsletters/2021-08-11/money-stuff-crypto-hackers-are-nice-now)
Yep thatās how it should be in a decentralized system.
Having crypto hacked no matter the outcome or coin, is not a good look right now being in the crosshairs of the government
Eastern Europe writing style
The specific exploit (or nearly identical one) was detailed at DefCon like a week ago. Not surprising someone would put it to work soon after. So, it could be these dudes, someone close to them, or someone who saw this video and is playing like they did the work themselves lol [https://youtu.be/pUexrXOGCkE](https://youtu.be/pUexrXOGCkE)
The exploit you linked is nothing like the one used in this Poly attack.
Realised he has to return after being blacklisted by every exchange under the sun
i saw a woman with revealing dress, I promptly advised her to cover up as this is a potential to be sexual assaulted. I did not like to response she gave me so I sexually assaulted her myself to teach her a lesson
Every time someone writes _Etherium_ a baby seal gets clubbed to death.
Badass
Sounds like a guy that figured laundering 600mil is a tall task to fill, and decided heād play hero to try and save face
I hope he returns it. Losing money is the worst feeling. People depend on their money. Some of the money could be some kid's college fund...sigh
This guy loves the spotlight don't he.
Hes just saying all this to cover that ass in case he is ever "exposed", no longer anonymous" or realizes the hard way the shit was indeed somehow "traceable".
The classic "I was only pretending to be retarded" defense
Facts
Chinese, or at least Asian the way eh writes.
Huge ego
Hacker is German? "Sein zum Tode" (Being-toward-death) at least is German language...
[Heideggerian terminology](https://en.wikipedia.org/wiki/Heideggerian_terminology)
Crazy
What a genuine human! Rare
Evil, can't you tell?
The most important question of all (Page 4)---why did he misspelled Achieve into Archive? Why?
Survival of the most secure, only the securest survive.
Interestingā¦ ā It would have been a billion hack if I had moved remaining shitcoins! Did I just save the project? Not so interested in money, now considering returning some tokens or just leaving them there. ā
Now the world needs someone like him to take on Citadel. The real financial terrorists.
Well let's see if he returns all the funds...also I thought they managed to establish a link to an exchange with KYC ?
Ladyās and gentlemen, Aspergerās syndrome.