Poly Network has released an analysis of the security breach that occurred on July 2, 2023, affecting 58 assets across 11 blockchains. The report reveals the approach used by the attacker to gain control of the Relay Chain and forge asset withdrawals on targeted networks.
An internal investigation by the Poly Network team revealed that attackers were able to forge cross-chain transactions, enabling the unlocking of assets on the targeted blockchains. This was enabled through exploitation of the Relay Chain, which is used to pass messages between bridged networks.
Poly Network’s analysis of the attack revealed a Trojan horse hidden within the Relay Chain’s compilation environment, which exfiltrated the private keys of the validator nodes. Using these keys, attackers were able to forge cross-chain transactions and block headers, which passed signature verification and enabled the withdrawal of assets from targeted LockProxy smart contracts.
The original report may be found at the link below: