Poloniex Exchange Hack Analysis

Poloniex Exchange Hack Analysis


2 min read

Poloniex, a cryptocurrency exchange affiliated with Justin Sun, experienced a substantial hack resulting in the loss of $126 million. This incident, which unfolded on a single day, marks a notable event in the realm of digital asset security.

Behind the Breach

The breach commenced on November 10, 2023 at 10:30 AM UTC, with an initial transaction draining 4900 ETH (valued at $10 million) from an address labeled 'Poloniex 4' on Etherscan. The attack extended across Ethereum, TRON, and BTC networks, with the total loss amounting to $126 million.

The hacker employed a sophisticated strategy, dispersing tokens among various addresses on Ethereum, which were then used to swap out tokens to ETH or further disperse them to new addresses. The largest asset losses included 33M USDT (22M on TRON and 11M on ETH), 4900 ETH on Ethereum, $18.6M of native BTC, and additional losses in BTC on TRON and USDC on Ethereum.

Unintended Consequences and Errors

In an unexpected turn, the attacker's actions led to a 25% increase in the value of TRX when they swapped the stolen (and freezable) USDT on Tron to TRX. Additionally, in a rush to liquidate stolen assets, the attacker lost almost $2.6M worth of Golem Network’s GLM by transferring it directly to the token’s contract.

The Aftermath

Following the attack, Justin Sun responded by promising to fully reimburse the affected funds and exploring collaboration opportunities with other exchanges for fund recovery. Poloniex also offered a 5% whitehat bounty and $4000 for identifying the hacker.

This incident underscores the ongoing challenges faced by cryptocurrency exchanges in securing digital assets against threat actors. It also highlights the importance of robust security measures and the need for continuous vigilance in the face of evolving attack vectors.

Rivanorth is a global boutique Web3 cybersecurity company. We specialise in smart contract audits and blockchain security advisory. Visit rivanorth.com to find out more.

You build the future. We help you secure it.