Trusted

Polygon Patched Exploit that Could Have Put 9B MATIC at Risk

2 mins
Updated by
Join our Trading Community on Telegram

In Brief

  • White hat hackers disclosed the exploit to ImmuneFi, which held a $2 million Polgyon bug bounty.
  • The Polygon team quickly considered their options, executing the upgrade two days later.
  • One malicious attacker did manage to steal over 800,000 MATIC, which the Polygon foundation will pay for.
  • promo

The Polygon Network team revealed that they had patched a major security vulnerability in a recent network upgrade. The team was informed of the exploit via white hat hackers and the ImmuneFi bug bounty program.

The team at Polygon Network has revealed that it had patched a major exploit that would have affected nine billion MATIC tokens through a recent network upgrade. Published on Dec 29, the blog post talks about how the bug bounty platform ImmuneFi had worked with Polygon’s core development team to address the issue. 

Polygon discloses major bug patch

The upgrade took place without an announcement on Dec 5. To keep the critical network vulnerability a secret so that it wouldn’t be exploited, the team made no mention of an upgrade. The upgrade itself caused no issues with the network and no user was affected after the whole incident. 

Polygon’s co-founder Jaynti Kanani was happy with how the team managed the situation, saying that such a scenario was inevitable for all projects;

All projects that achieve any measure of success sooner or later find themselves in this situation. What’s important is that this was a test of our network’s resilience as well as our ability to act decisively under pressure. Considering how much was at stake, I believe our team has made the best decisions possible given the circumstances.

A white-hat hacker first submitted a report on the exploit to ImmuneFi, which has a $2 million bug bounty program. The team swiftly began looking at fixes once they learned of the vulnerability, and it took two days to fix the matter. 

The Polygon team paid $3.46 million in bounties to two white hat hackers who helped discover the bug. However, one attacker managed to steal 801,601 MATIC before the patch, but the Polygon foundation will bear that expense.

Exploits still a major threat for DeFi

The Polygon team is fortunate that they were informed of the vulnerability and not too much damage was done through the exploit. The DeFi market in particular has been subject to a number of attacks this year, as it hosts a lot of money. Most of these were flash loan exploits, which remain one of the most popular approaches by malicious attackers.

Cream Finance, for example, suffered three flash loan attacks this year, losing $130 million in the last attack which took place in late October 2021. Between January and July 2021, the DeFi market lost a total of roughly $474 million, according to a report from cryptocurrency intelligence firm CipherTrade.

An exploit of Polygon would have likely sent shockwaves through the crypto world, as it is a celebrated project which has made great inroads over the past year. The project has done well on all fronts, most recently having Uniswap V3 launch on its network.

Top crypto projects in the US | November 2024
Coinbase Coinbase Explore
Coinrule Coinrule Explore
Uphold Uphold Explore
3Commas 3Commas Explore
Chain GPT Chain GPT Explore
Top crypto projects in the US | November 2024
Coinbase Coinbase Explore
Coinrule Coinrule Explore
Uphold Uphold Explore
3Commas 3Commas Explore
Chain GPT Chain GPT Explore
Top crypto projects in the US | November 2024

Disclaimer

In adherence to the Trust Project guidelines, BeInCrypto is committed to unbiased, transparent reporting. This news article aims to provide accurate, timely information. However, readers are advised to verify facts independently and consult with a professional before making any decisions based on this content. Please note that our Terms and ConditionsPrivacy Policy, and Disclaimers have been updated.

Rahul-Nambiampurath.jpg
Rahul Nambiampurath
Rahul Nambiampurath's cryptocurrency journey first began in 2014 when he stumbled upon Satoshi's Bitcoin whitepaper. With a bachelor's degree in Commerce and an MBA in Finance from Sikkim Manipal University, he was among the few that first recognized the sheer untapped potential of decentralized technologies. Since then, he has helped DeFi platforms like Balancer and Sidus Heroes — a web3 metaverse — as well as CEXs like Bitso (Mexico's biggest) and Overbit to reach new heights with his...
READ FULL BIO
Sponsored
Sponsored