Crypto entrepreneur Justin Sun has Free to the Poloniex hacker a 5% bonus to return the stolen funds within the next seven days.
Earlier today, Sun said Poloniex was investigating a hacking incident without providing additional information.
Although Sun’s statement did not reveal the scale of the attack, blockchain security firm CertiK reported that its system detected suspicious movement of digital assets worth $31 million from Poloniex 4, one of the hot wallets on the stock exchange.
Crypto analysis firm Scopescan further confirmed that the Poloniex address transferred all tokens to a new address, “0x0A59,” within 40 minutes, with a total value of approximately $60 million. The new address also aggressively transferred stolen funds to more addresses and converted them to Ethereum (ETH). The latest information as of press time shows that Poloniex’s losses have exceeded $100 million.
On-chain data shows that stolen assets include bankrupt Voyager tokens VGX, Pepe, Polygon’s MATIC, Aave, TrueUSD stablecoin, Chainlink’s LINK and others.
Following the incident, Poloniex issued a terse statement: saying:
“Our wallet has been deactivated for maintenance. We will update this thread once the wallet is reactivated.
Hacker uses stolen funds to pump TRX
Meanwhile, Scopescan pointed out that the Poloniex attacker used the stolen funds to pump the native TRX token from the Tron blockchain linked to Justin Sun.
According to the platform, the attacker buys TRX with USDC on Ethereum and Attached USDT on Blockchain Tron.
The attacker purchased over $22 million worth of TRX tokens at the time of publication.
This buying frenzy helped increase the value of TRX by almost 10% on the one-hour candle, until it reached $1,000.0.10772, according to CryptoSlate data.
Poloniex will reimburse affected users
Sun said Poloniex was in a healthy financial position and would fully repay the affected funds.
The crypto entrepreneur further stated that the company would explore opportunities to collaborate with other exchanges to facilitate the recovery of stolen funds.
Separately, Sun urged the attacker to transfer the stolen funds to Ethereum, Tron or Bitcoin wallets controlled by the platform, or face legal action.