WONDER WHY TORNADO? WILL MINER STOP ME? TEACH ME PLZ!. https://etherscan.io/tx/0x3a09c98f99edd9601ed017ff269652fd80c7e9aedcea57126990031128851043
IT WOULD HAVE BEEN A BILLION HACK IF I HAD MOVED REMAINING SHITCOINS! DID I JUST SAVE THE PROJECT? NOT SO INTERESTED IN MONEY, NOW CONSIDERING RETURNING SOME TOKENS OR JUST LEAVING THEM HERE. https://etherscan.io/tx/0x552bc0322d78c5648c5efa21d2daa2d0f14901ad4b15531f1ab5bbe5674de34f
WHAT IF I MAKE A NEW TOKEN AND LET THE DAO DECIDE WHERE THE TOKENS GO. https://etherscan.io/tx/0x4c102e972301b999318df70e3d3a067994dcc83951f07f7f37c45ff7e922beec
READY TO RETURN THE FUND!. https://etherscan.io/tx/0x7b6009ea08c868d7c5c336bf1bc30c33b87a0eedd59dac8c26e6a8551b20b68a
FAILED TO CONTACT THE POLY. I NEED A SECURED MULTISIG WALLET FROM YOU. https://etherscan.io/tx/0x79245fb1d1ae48a214118e25d6ad2f9324f514ec6708135a19ba9d4cfa6344f6
IT'S ALREADY A LEGEND TO WIN SO MUCH FORTUNE. IT WILL BE AN ETERNAL LEGEND TO SAVE THE WORLD. I MADE THE DECISION, NO MORE DAO. https://etherscan.io/tx/0xd239b01026c49b234d075e3d23a07efd1c3234239cfb440c0f90d5e84836fbe2
ACCEPT DONATIONS TO "THE HIDDEN SIGNER" NOW. ENCRYPT YOUR MSG WITH HIS PUBKEY.. https://etherscan.io/tx/0x160231043b80c7824f658b3621163ebcc537ff29ad1dfb3572e658ebf0ddc2fd
DUMPING SHITCOINS FIRST! HOW ABOUT UNLOCKING MY USDT AFTER RETURNING ENOUGH USDC?. https://etherscan.io/tx/0xa7cd9cb0211942998602e22ad6f7fd7d9c1eef9515f4e4154a76237d5fd71aa3
{"iv":"be1fb3ba513b8779f7a38525cf118fae","ephemPublicKey":"04a35ba379dc4922a7fbf2f7d64be16b8096c78d3a17f40dab1c07928c178f8476663d032f6920a3f9467af8908a5de3594779e59a32fa320286a4ba028554c076","ciphertext":"d8d60653f3fa30b31f2ebb40cc8ba697e45f59f4e976f1b84d7382a3a1aced6b","mac":"393423c5f65ffa52e09d97dda25acd32d39efe157a1a334539ae047d0397043d"}. https://etherscan.io/tx/0x64eb495eba8b2000181498910748614dbd2c4bd7d6997af20cdb92c2518b2bce
0b156682321ad8b4307c76b60dac7650022f314a319f3e17d5e83718dbc305d6a1bcf0461b0eeb1c15b24994ae1deca1305f99dc9d294b926c4b9ade2718478a1f364a395f6a253da2a1561807540a2193974b134ba2be616b810e899c5df21aa2. https://etherscan.io/tx/0x69534e330c5f8529759272b86e90bbacf7a5c4082683064c471e5539eacf53ba
01c1d99be69552fad96069174147a8f5022e526cfb3644d2bcd07adccdd55a00b4e7f3c63273713f4c1839276b56a0f8a4e1928c2b9831bbd6442734752d96a5c28dcbc7a7e5c29c23f7aff6e49e2fe9b37881876756924ea9050392fe847e700abb5db4064270862f35df23b5aa14278e80814a873b1d0c23665b08f757fc081d716f64c344a17126b56232a9476c9542695e5fefdb676c9a1c16879b088bf32b7e2afa123a53e3373366f36db7a5cacde1246ba160c455b249077a21cce40df894054fbc996c9f1cb1ef5d71ba621c5485cb411c77953adbf7ecbc0040b5c28a. https://etherscan.io/tx/0x62d376fbb95367ba95d046c0c041531e320e93526fc282da5a1a65dacc885f47
JUST DUMPED ALL ASSETS ON BSC & POLYGON. HACKING FOR GOOD, I DID SAVE THE PROJECT . https://etherscan.io/tx/0x3de5a4eb6c1953ce2d0422bc5d0d16b2d9e54316cf0784bb793b3c67f09387b7
4e7ebea396547cae74d0dea5f6d60e3c02e04ee7f52b31936d56c19bef1c619301765f766a4a879dc089302f2623bbaa50c390932141773bff1a83b6140b8bab73c4a768f0526e5b1be79d1893b608548fc759108f374eccdfab9401f89b77915c2b70b031388b515891567456348008c6e520cb80d7d4daddf3dcac9ee164b73515ac57a88da0470a9e9f6b1b0c634aa1 https://etherscan.io/tx/0x4d6490b47a82e548236b4448713a973d833e439ad9fff76513d38ad2f7cb4fa5
Q: WHY HACKING? A: FOR FUN :)
Q: WHY POLY NETWORK? A: CROSS CHAIN HACKING IS HOT
Q: WHY TRANSFERING TOKENS? A: TO KEEP IT SAFE.
WHEN SPOTTING THE BUG, I HAD A MIXED FEELING. ASK YOURSELF WHAT TO DO HAD YOU FACING SO MUCH FORTUNE. ASKING THE PROJECT TEAM POLITELY SO THAT THEY CAN FIX IT? ANYONE COULD BE THE TRAITOR GIVEN ONE BILLION! I CAN TRUST NOBODY! THE ONLY SOLUTION I CAN COME UP WITH IS SAVING IT IN A TRUSTED ACCOUNT WHILE KEEPING MYSELF ANONYMOUS AND SAFE.
NOW EVERYONE SMELLS A SENSE OF CONSPIRACY. INSIDER? NOT ME, BUT WHO KNOWS? I TAKE THE RESPOSIBILITY TO EXPOSE THE VULNERABILITY BEFORE ANY INSIDERS HIDING AND EXPLOITING IT!
Q: WHY SO SOPHISTICATED? A: THE POLY NETWORK IS DECENT SYSTEM. IT'S ONE OF THE MOST CHALLENGING ATTACKS THAT A HACKER CAN ENJOY. AND I HAD TO BE QUICK TO BEAT ANY INSIDERS OR HACKERS, I TOOK IT AS A BONUS CHALL :)
Q: ARE YOU EXPOSED? A: NO. NEVER. I UNDERSTOOD THE RISK OF EXPOSING MYSELF EVEN IF I DON'T DO EVIL. SO I USED TEMPORARY EMAIL, IP OR SO CALLED FINGERPRINT, WHICH WERE UNTRACABLE. I PREFER TO STAY IN THE DARK AND SAVE THE WORLD. https://etherscan.io/tx/0x1fb7d1054df46c9734be76ccc14fa871b6729e33b98f9a3429670d27ec692bc0
Q & A, PART TWO:
Q: WHAT REALLY HAPPENED 30 HOURS AGO? A: LONG STORY.
BELIEVE IT OR NOT, I WAS FORCED TO PLAY THE GAME.
THE POLY NETWORK IS A SOPHISTICATED SYSTEM, I DIDN'T MANAGE TO BUILD A LOCAL TESTING ENVIRONMENT. I FAILED TO PRODUCE A POC AT THE BEGINNING. HOWEVER, THE AHA MOMEMNT CAME JUST BEFORE I WAS TO GIVE UP. AFTER DEBUGGING ALL NIGHT, I CRAFTED A SINGLE MESSAGE TO THE ONTOLOGY NETWORK.
I WAS PLANNING TO LAUNCH A COOL BLITZKRIEG TO TAKE OVER THE FOUR NETWORK: ETH, BSC, POLYGON & HECO. HOWEVER THE HECO NETWORK GOES WRONG! THE RELAYER DOES NOT BEHAVE LIKE THE OTHERS, A KEEPER JUST RELAYED MY EXPLOIT DIRECTLY, AND THE KEY WAS UPDATED TO SOME WRONG PARAMETERS. IT RUINED MY PLAN.
I SHOULD HAVE STOPPED AT THAT MOMENT, BUT I DECIDED TO LET THE SHOW GO ON! WHAT IF THEY PATCH THE BUG SECRETLY WITHOUT ANY NOTIFICATION?
HOWEVER, I DIDN'T WANT TO CAUSE REAL PANIC OF THE CRYPTO WORLD. SO I CHOSE TO IGNORE SHIT COINS, SO PEOPLE DIDN'T HAVE TO WORRY ABOUT THEM GOING TO ZERO. I TOOK IMPORTANT TOKENS (EXCEPT FOR SHIB) AND DIDN'T SELL ANY OF THEM.
Q: THEN WHY SELLING/SWAPPING THE STABLES? A: I WAS PISSED BY THE POLY TEAM FOR THEIR INITIAL REPONSE.
THEY URGED OTHERS TO BLAME & HATE ME BEFORE I HAD ANY CHANCE TO REPLY! OF COURSE I KNEW THERE ARE FAKE DEFI COINS, BUT I DIDN'T TAKE IT SERIOUSLY SINCE I HAD NO PLAN LAUNDERING THEM.
IN THE MEANWHILE, DEPOSITING THE STABLES COULD EARN SOME INTEREST TO COVER POTENTIAL COST SO THAT I HAVE MORE TIME TO NEGOTIATE WITH THE POLY TEAM. https://etherscan.io/tx/0xd4ee4807c07702a3202f45666983855d7fa22eb1c230e4c1e840fc9389e54729
Q & A, PART THREE:
Q: WHY TIPPING 13.37? A: I FEELED THE WARMTH FROM THE ETHEREUM COMMUNITY.
I WAS BUSY INVESTIGATING ISSUES FROM HECO AND DEBUGGING MY SCRIPTS. I THOUGHT IT WERE NETWORKING ISSUES WHY I COULD NOT DEPOSIT (I WAS BEHIND A SOPHISTICATED PROXY). SO I SHARED MY GOODWILL THE GUY.
Q: WHY ASKING TORNADO AND DAO? A: HAVING WITNESSED SO MANY HACKINGS, I KNEW DEPOSITING INTO TORNADO IS A WISE BUT DESPERATE DECISION. IT WAS AGAINST MY ORIGINAL INTENTION. BEING THE CROWDSOURCED HACKER WAS JUST MY BAD JOKE AFTER MEETING SO MANY BEGGARS :)
Q: WHY RETURNING? A: THAT'S ALWAYS THE PLAN! I AM NOT VERY INTERESTED IN MONEY!I KNOW IT HURTS WHEN PEOPLE ARE ATTACKED, BUT SHOULDN'T THEY LEARN SOMETHING FROM THOSE HACKS? I ANNOUNCED THE RETURNING DECISION BEFORE MIDNIGHT SO PEOPLE WHO HAD FAITH IN ME SHOULD HAD A GOOD REST ;)
Q: WHY RETURNING SLOWLY? A: I DO NEED TIME TO TALK WITH THE POLY TEAM. SORRY, IT'S THE ONLY WAY I KNOW TO PROVE MY DIGNITY WHILE HIDING MYSELF IDENTITY. AND I NEED SOME REST.
Q: THE POLY TEAM? A: I ALREADY STARTED TALKING WITH THEM BRIEFLY, THE LOGS ARE ON THE ETHEREUM. I MAY OR MAY NOT PUBLISH THEM. THE PAINS THEY HAVE SUFFERED IS TEMPORARY BUT MEMORABLE.
I WOULD LIKE TO GIVE THEM TIPS ON HOW TO SECURE THEIR NETWORKS,SO THAT THEY CAN BE ELIGIBLE TO MANAGE THE BILLION PROJECT IN THE FUTURE. THE POLY NETWORK IS A WELL DESIGNED SYSTEM AND IT WILL HANDLE MORE ASSETS. THEY HAVE GOT A LOT OF NEW FOLLOWERS ON TWITTER, RIGHT? https://etherscan.io/tx/0xe954bed9abc08c20b8e4241c5a9e69ed212759152dd588bb976b47eca353a5bc
I DON'T USE EMAIL. FUCK [email protected] & [email protected]. https://etherscan.io/tx/0xe926ef4b6f4e3ff1b680df02a6a2456cd9b415d25f051bb894ea3e24cfa864f0
DISCLAIMER: I HAVE NEVER ASKED FOR BOUNTY FROM POLY NETWORK WHAT I HAVE SAID IS ON THE CHAINS . https://etherscan.io/tx/0xa5371eda3e56a614cdecc2b875f4236c7651e8ab3822f798b108e14b2659aaaa
Q & A, PART FOUR:
Q: WHY CEX? NOOB? A: WHATEVER :)
THE KEY CHALLENGE OF THIS HACK IS TO INVOKE SOME CONTRACT FROM THE ONTOLOGY NETWORK (MY FAVOURITE PART). YOU HAVE TO GET SOME "GAS" FOR THE ONTOLOGY NETWORK, WHICH IS CALLED "ONG".
HOWEVER, IT'S NOT A DEFI TRADABLE TOKEN. I CAN ONLY FIND IT ON SOME CHINESE(?) CEXES. WHY BOTHER TRADING FROM DEX IF YOU HAVE TO GO THROUGH CEX? WHY DO YOU THINK I MAY LEAVE TRACES IN THE DEXES?
Q: WHY REFUND? COWARD? A: WHATEVER :)
WHEN YOU JUDGE OTHERS, YOU DO NOT DEFINE THEM, YOU DEFINE YOURSELF.
I ALREADY ENJOYED WHAT I CARED MOST: HACKING & GUIDING.
FEW HACKERS CAN UNDERSTAND THE SITUATION OF DEFI SECURITY. YES, YOU SEE A LOT OF HACKS, BUT MOST OF THEM ARE NOT ENJOYABLE AS A REAL HACKER. SOME STUPID CODE LEADS TO HUGE AMOUNT OF LOSS, BUT IT'S NOT CHALLENGING. IT'S LIKE FIGHTING AGAINST A TEENAGER.
I WOULD ADMIT THAT THE POLY HACK IS NOT AS FANCY AS YOU IMAGINE, BUT I DID EXPERIENCED SOMETHING NEW FROM THE PROJECT. I WOULD SAY FIGUING OUT THE BLIND SPOT IN THE ARCHTECTURE OF POLY NETWORK WOULD BE ONE OF THE BEST MOMENTS IN MY LIFE.
I HAVE GOT ENOUGH MONEY AS THE GROWTH OF THE CRYPTO WORLD. I HAVE BEEN EXPLORING THE MEANING OF LIFE FOR A WHILE. I HOPE MY LIFE CAN BE COMPOSED OF UNIQUE ADVENTURES, SO I LIKE LEARN & HACK EVERYTHING IN ORDER TO FIGHT AGAINST THE FATE. SEIN ZUM TODE.
TO BE HONEST, I DID HAVE SOME SELFISH MOTIVES TO DO SOMETHING COOL BUT NOT HARMFUL BY LEVERAGING THE HUGE FUND, LIKE THE DAO IDEA. THEN I REALIZED BEING THE MORAL LEADER WOULD BE THE COOLEST HACK I COULD EVER ARCHIVE! CHEERS! https://etherscan.io/tx/0xde330cbd5484e9ce808c60d3a76739f224eb8390b6b891a8e4d29dbdaeab826d