- Attackers exploited a smart contract function in PolyNetwork’s bridge protocol, issuing billions of dollars worth of “worthless” cryptocurrencies such as SHIB, BNB, and BUSD.
- Due to low liquidity and insufficient security measures, the attackers will not be able to make significant financial gains from the approximately $4 billion worth of malicious tokens issued on PolyNetwork.
- Bridges are structures that allow users to lock value in one network and release it in another, enabling the exchange of tokens between different blockchains using a smart contract.
Exploitation of PolyNetwork’s Bridge Protocol Leads to Billions in Worthless Tokens
Attackers have exploited a vulnerability in PolyNetwork’s bridge protocol, issuing billions of dollars worth of cryptocurrencies. However, these tokens hold no real value. The lack of liquidity and insufficient security measures on PolyNetwork mean that the attackers will not be able to profit significantly from the approximately $4 billion worth of malicious tokens issued.
Understanding the Role of Bridges in Blockchain
Bridges play a crucial role in the blockchain ecosystem. They are structures that use a smart contract to allow users to lock value in one network and release it in another. This mechanism enables the exchange of tokens between different blockchains. In this case, the attackers likely found a flaw in the system, manipulating the way the bridge works to issue tokens on a network that doesn’t actually exist.
We are aware of Polybridge’s ongoing situation, and are currently in contact with the PolyNetwork team to minimize the impact of the attack and further asses the situation.
In regards to the newly minted BNB and BUSD on Metis, there is no sell liquidity available.
All funds on…
— Metis 🌿 (@MetisDAO) July 2, 2023
The Impact of the Attack on PolyNetwork
The attackers issued tokens on various networks, including 24 billion Binance USD (BUSD) and BNB on the Metis Blockchain, 999 trillion Shiba Inu (SHIB) on the Heco Blockchain, and millions of other tokens on networks like Avalanche and Polygon. This resulted in the attackers holding over $42 billion worth of tokens on paper immediately after the attack. However, a significant lack of liquidity prevented the attackers from profiting from their massive token stockpile. The illegally produced METIS tokens were locked on the PolyNetwork bridge by the developers, further hindering the attackers’ potential gains.
Despite these setbacks, analytics firm Lookonchain reported that the attacker found liquidity for other illegally minted tokens, managing to swap 94 billion SHIB tokens for 360 ether (ETH), 495 million COOK for 16 ether, and 15 million RFuel for 27 ether. The firm also noted that the hackers transferred assets and 1 dollar’s worth of ETH to new wallets, likely in preparation for selling.
