- This may need been quite a bit worse if this had been postpone any longer.
- After discovering the flaw, Polygon used a stealth onerous fork.
In accordance with Polygon, an Ethereum sidechain specializing in Proof-of-Stake, on December 5, a major flaw within the community was addressed by a tough fork. In a Thursday weblog submit, 24 days after the onerous fork, the MATIC group disclosed that an nameless hacker had stolen $1.6 million in MATIC tokens.
Two moral hackers affiliated with bug bounty platform Immunefi, Leon Spacewalker and Whitehat2, alerted Polygon to a vulnerability within the first week of December. It was decided that an issue had been found in its MRC20 contract for gasless transactions.
Black Hat Hacker
After discovering the flaw, Polygon used a stealth onerous fork that labored with all of its validators and node operators to appropriate it. Regardless of the vulnerability being shortly patched, an unnamed black hat hacker however managed to make off with 801,601 MATIC tokens, which had been then price $1.6 million.
The group reported:
“Regardless of our greatest efforts, a malicious hacker was in a position to make use of the exploit to steal 801,601 MATIC earlier than the community improve took impact.”
This may need been quite a bit worse if this had been postpone any longer. Malicious hackers may need stolen round $20 billion price of MATIC tokens if the Polygon downside hadn’t been disclosed, in response to Immunefi, which labored with Polygon to put in the patch.
This wasn’t the primary time a extreme flaw in Polygon’s software program had been uncovered and glued. As of October 2021, a major flaw in Polygon’s Plasma Bridge was addressed with $850 million of locked belongings.