Since the real-fake theft of a dizzying sum of cryptocurrencies, Poly Network teams have been working with the hacker who exploited the flaw in their security system. He received a job offer to become their security chief.
” Poly Network does not intend to hold Mr. White Hat accountable , can we read on the twitter account of the company. Nowe invite him to join our team as Head of Security “. Mr White Hat is the nickname given to the hacker who stole the equivalent of over $ 600 million in cryptocurrency a week ago. In a turnaround that no one had seen coming, Mr. White Hat then announced to return the money to Poly Network. And now he could work for them.
#PolyNetwork has no intention of holding #mrwhitehat legally responsible and cordially invites him to be our Chief Security Advisor. $ 500,000 bounty is on the way. Whatever #mrwhitehat chooses to do with the bounty in the end, we have no objections. https://t.co/4IaZvyWRGz
– Poly Network (@ PolyNetwork2) August 17, 2021
Indeed, since the hack, Mr. White Hat and the company continue to work together to ensure that the flaw that the hacker exploited is properly repaired. And Poly Network seems convinced enough of the quality of his work to offer him to take the post of chief of security.
A job offer
It is not uncommon for cybersecurity experts to hire hackers. But the case of Mr White Hat and Poly Network remains quite astonishing. Shortly after the theft was announced, and before Poly Network and Mr. White Hat began to communicate, several actions of the hacker seemed to confirm the fact that he was not really a white hat, i.e. an ethical hacker. He notably rewarded an Internet user who had warned him that part of the funds he had stolen had been frozen, and he did not immediately announce that he wanted to return the money. ” I might give back some tokens or leave them there “, He had notably declared. However, he decided to return the money, and drop it off at an address controlled by him and the Poly Network teams.
Poly Network does not seem to hold it against him. ” We are very grateful to Mr White Hat for his contribution to our project, the company said in a post on Medium. There were some misunderstandings between us, at the beginning of our interaction, in particular because of poor means of communication. We now better understand the motivations of Mr. White Hat, and we share his vision and his ambition for the DeFi sector (decentralized finance, editor’s note) […] “.
Poly Network has since expressed, on several occasions, its willingness not to sue Mr. White Hat and hold him legally responsible for the theft of the money, a promise the company has kept. She also offered the hacker a reward of $ 500,000 for finding the loophole. The hacker has not yet publicly announced whether he intends to accept the offer. But whether or not he decides to join Poly Network, the company announced they have joined a bug bount programy, so as not to repeat his mistake. The reward is $ 100,000.