Poly Network has temporarily suspended its cross-chain services in response to an exploit targeting the Poly Network cross-chain management contract on Aug. 12, affecting Flamingo Finance features. According to a statement from Flamingo, the team is actively investigating the incident in collaboration with Neo Global Development and Poly Network to assess the full scope of the attack.
In a post on the Flamingo Discord, Flamingo noted that the hacker currently has approximately US $2.9 million in ETH, wETH, and wBTC, and $200,000 in BNB. Eight addresses belonging to the attacker have been frozen by the Neo Council, four of which appear to be deposit addresses for centralized exchanges. Final numbers are still yet to be determined.
All other Flamingo services aside from those using the Poly Network cross-chain bridge are functioning as normal.
Previous Poly Network incidents
Poly Network has faced two significant attacks in the past. The first occurred in 2021, when approximately $611 million in assets across the Ethereum, Binance Smart Chain, and Polygon blockchains were stolen. These assets were eventually returned following Poly Network’s widely-publicized “Dear Hacker” open letter.
In July 2023, Poly Network was targeted again, with a hacker making off with approximately 5,196 ETH, valued at around $10 million at the time.
No Neo assets were compromised in these previous incidents.
In April 2024, Poly Network announced that it would no longer deploy new cross-chain services but would continue to support existing partners.
Poly Network has not made a statement about the current incident, however Flamingo Finance has noted it will keep its users updated on new information.
About The Author: Dean Jeffs
Dean is a digital project manager who has worked extensively with start ups and agencies in the marketing space. Fascinated by the potential applications of blockchain technology, Dean has a passion for realising the new smart economy.
More posts by Dean Jeffs