The Polygon network revealed that a cyber attacker had exploited it in a recent announcement. Home to MATIC coins, Polygon is now among the long list of platforms that have fallen victim to security breaches wherein the attacker got away with the funds.
This recent hack shows that it’s possible to exploit even the best and most secure networks.
The Hacking of Polygon
Polygon posted the announcement as a blog post on its website. A team member confirmed a vulnerability in the network and the attacker exploited that vulnerability to take MATIC tokens.
The post explained that the team was already aware of the vulnerability because a white hat hacker told them about it as a part of the bug bounty program. Polygon set this program up with partner Immunefi, and the team immediately got to work to remedy the issue.
However, a hacker discovered and exploited the vulnerability before the Polygon team released the recommended network upgrade. After several transactions, the hacker stole exactly 801,601 MATIC tokens, which cost over $2 million based on the current exchange rate.
After the breach, the Polygon Foundation assured network users that their information was safe and that the company would carry the cost of the stolen tokens.
The Vulnerability Has Been Fixed
On December 5, 2021, Polygon users expressed their concern regarding an unexpected hard fork. The network released an unannounced yet necessary update, and the members were curious what it was all about.
It appears that it was during that time when Polygon got hacked, and they wouldn’t reveal this to the public until nearly a month had passed.
In the recent announcement, Polygon confirmed that everything is under control now, and users no longer have to worry about the vulnerability. It’s all thanks to the efforts of the Polygon team, Immunefi, and the two white hate hackers who reported the issue.
The December 5 upgrade was more than effective, and Polygon explains that the upgrade was what fixed the vulnerability. Both the full node and validator communities were notified at the time, and they worked hard alongside the core developers to upgrade “80% of the network within 24 hours without stoppage.”
As for the two white hat hackers, Polygon gave them compensation for all their help. Both received a combined total of $3.46 million.
