I am sure all of you were aware of the biggest hack in crypto history on the Poly Network last week. $610 million is a sizeable figure, and not every hacker is bad, as "mrwhitehat" returned $400 million almost instantly. He has been awarded the $500 000 bounty and has been offered a job as their main security advisor. This hack obviously wasn't about the money, otherwise he wouldn't have sent any back. He still has $200 million, however, and somehow I think he will return that at some point.
In June we saw Thorchain hacked, which was actually a blessing in disguise as the chain received some advice on where the weaknesses were. Having multiple hacks within a short period of time does highlight security issues, and ones you cannot ignore. Saying that they wanted to limit the damage, as they could have taken much more, is like a gentleman's crime. The hackers are making money by highlighting weaknesses but at the same time saving the project from a possible disaster. The Rune token dropped in value, but soon recovered, as it is a great project that is even more secure these days thanks to the hacks.
Hackers are benefitting by asking for bounties, which will most likely make them millions, but are also saving millions through their actions. Having the "whitehats" on your side is the smart way to work, as obviously they look at things far differently from how a developer does.
The saying "you have to think like a criminal to catch a criminal" is so true, and it is why some cops are better than others. Having a mind that thinks like that as part of your development team is actually the only way, as highlighting issues and fixing them is far better than being hacked.
DeFi is going to be worth a fortune as more and more is being invested, so having $1 billion or $10 billion at risk is a real concern. Paying a hacker a percentage or a salary to keep your chain secure could be seen as blackmail or an essential service. Surely having a secure network is that important, as not everyone will be so friendly as to return the funds.
I am not a fan of hackers generally, but these guys are not exactly in that same class and have moral standards which they are upholding, as though they have some type of moral code. It is like robbing a bank and returning the money, highlighting where the security is lacking. Has a crime been committed if the funds are returned when a hack has occurred?
This is not exactly unique, as we have seen the FBI and other forces around the world recruit top criminals as they have the best minds to help solve cases. In the army we had ex-terrorists working alongside us and they were invaluable with the information they had. This is all thinking along the same lines as the Poly Network is, as you would rather have the best of the bad working alongside you.