The suspected hacker, who claims to have initiated the attack “for fun :),” took hundreds of millions in digital assets after discovering a bug in Poly Network’s system as a way to “keep it safe” from more malicious actors.
Hackers Steal, Then Promise To Return $611M
Around $611 million worth of digital assets were stolen in a cyberattack this week in what appeared to be one of the largest cryptocurrency thefts ever. Now, a person claiming responsibility for the hack has returned nearly all of the money and even refused a $500,000 reward from their victim.
The situation largely began Tuesday morning when the blockchain provider Poly Network publicly announced the theft and said it sought to establish a line of communication with the hacker or hackers involved. In its statement, the company also urged the culprit(s) to return the hacked assets to thousands of victims on its platform.
On Wednesday, in what became the first of several strange turns of events, the hacker(s) told Poly that they were “ready to return” the assets. Several hours later, Poly reported that it had recovered an initial $4.8 million.
So far, we have received a total value of $4,772,297.675 assets returned by the hacker.
ETH address: $2,654,946.051
BSC address: $1,107,870.815
Polygon address: $1,009,480.809
Poly Network (@PolyNetwork2), August 11, 2021
At first, it was unknown why the hacker(s) had started to send the money they stole back to Poly.
Tom Robinson, a chief scientist of the blockchain analytics firm Elliptic, told CNBC, “I think this demonstrates that even if you can steal cryptoassets, laundering them and cashing out is extremely difficult, due to the transparency of the blockchain and the use of blockchain analytics.”
“In this case the hacker concluded that the safest option was just to return the stolen assets.”
Others have theorized that the hacker(s) grew afraid of being exposed and prosecuted after researchers found potentially identifying information, including an email and IP address.
Suspected Hacker Says It Was All “For Fun”
Later Wednesday, a person claiming to be behind the attack instead offered a different explanation, saying it was all just “for fun :).”
“Cross chain hacking is hot,” they said.
According to that person, after spotting a bug in Poly’s systems, they took the money to protect it from bad actors who might also find the bug and run off with the money for good.
“I had a mixed feeling,” the reported hacker said. “Ask yourself what to do had you fac[ed] so much fortune. Asking the project team politely so that they can fix it? Anyone could be the traitor given one billion!”
“I can trust nobody! The only solution I can come up with is saving it in a _trusted_ account while keeping myself _anonymous_ and _safe_.”
Hacker Reportedly Turns Down $500,000 Reward
As of Friday morning, Poly said all but $33 million in frozen Tether, a “stablecoin” with a value attached to the U.S. dollar, had been recovered.
However, another $238 million remains locked behind an account that requires passwords from not only Poly Network but also from the hacker.
“It’s likely that keys held by both Poly Network and the hacker would be required to move the funds — so the hacker could still make these funds inaccessible if they chose to,” Robinson said in a blog post Friday.
That said, the suspected hacker has promised to provide the final key “when _everyone_ is ready.”
In another message, the reported hacker said Poly Network has offered them immunity and even claimed to have turned down a $500,000 “bug bounty” from Poly for returning the money and “helping us improve [our] security.”
Tech organizations tend to offer bug bounties to those who report security vulnerabilities to them. As such, Poly actually ended up thanking the hacker and has begun referring to them as a “white hat,” a term meant to denote ethical hackers who expose system flaws.
“After communicating with Mr. White Hat, we have also come to a more complete understanding regarding how the situation unfolded as well as Mr. White Hat’s original intention,” Poly said in a statement to Reuters.
However weirdly this story may have played out, it nonetheless highlights the inherent risks of decentralized finance platforms and the lack of safeguards they employ compared to traditional banks and exchanges.
Tech Ethicist Tristan Harris Talks Council For Responsible Social Media, TikTok, Twitter, and More
Harris is part of a bipartisan group that is aiming to reform social media for good.
The Council For Responsible Social Media
Tristan Harris, the co-founder of the Center for Humane Technology, understands why many people view TikTok as a harmless app with jokes and dances. Harris, however, sees the Chinese-owned platform as a national security risk.
“During the Cold War, would you have allowed the Soviet Union to control television programming for the entire western world, including Saturday morning cartoons, the ‘Teletubbies’ and ‘Sesame Street?’” he said during an interview with Rogue Rocket.
That’s what he argues is happening with TikTok. The app, which is the most downloaded in the world, is owned by ByteDance, a Chinese tech company with ties to the Chinese Communist Party. Harris says we are “effectively outsourcing our media environment to, in the case of the United States, the number one geopolitical competitor.”
National security issues with TikTok, the extreme polarization caused by Facebook and Twitter, and a slew of other issues are among the reasons Harris and several other bipartisan leaders formed The Council For Responsible Social Media last month.
Co-chaired by former congressman Dick Gephardt and former Lieutenant Governor of Massachusetts Kerry Healey, the group was made in partnership with the nonprofit IssueOne. Other members include Facebook whistleblower Frances Haugen, former Sen. Claire McCaskill, former Defense Secretary Chuck Hagel, and Harris.
It aims to pressure tech companies and politicians to make social media less harmful in every facet.
“What are the wins we can get on the scoreboard?” Harris explained. “Things like, frankly, banning TikTok or otherwise forcing a total sale of TikTok?…Can we do things like pass the Platform Accountability and Transparency Act?”
The TikTok Problem
When it comes to TikTok, the idea of banning it is not new. Former president Donald Trump attempted to do so in 2020, and earlier this month, a Federal Communications Commission official urged the U.S. to do away with it.
In Harris’ eyes, the threat posed by TikTok looms much larger than just mindless entertainment.
“When we outsource our media environment to a CCP-controlled company, we are effectively outsourcing our voting machine to the CCP,” Harris said. “How do you know who to vote for? Why is it that you know more about Marjorie Taylor Greene and [Alexandria Ocasio-Cortez] than the other hundreds of members of Congress? Because the attention economy rewards certain people to rise to the top.”
Social media apps, TikTok included, favor people that are more likely to be divisive, on either end of the political spectrum. Harris referred to this as “amplifiganda,” something the CCP can use to interfere with another nation’s political and cultural happenings.
“It’s strategically amplifying who are the voices I want to hear from and who are the voices I don’t want to hear from,” he added. “Without firing a single shot, without creating a single piece of new propaganda, I can simply amplify the politicians and videos that I want you to be seeing.”
In China, domestic users receive what Harris calls the “spinach” version of the app, which largely includes educational content, science experiments, and patriotism videos. He says it is very different from the scroll-for-hours version the U.S. and other international markets receive.
Harris, however, does not think this was part of “a deliberate plan” or that there’s a “large mustache that’s being twirled somewhere in China.” Rather, this is just an after-the-fact consequence of TikTok succeeding at being highly addictive, and China simply regulating it for itself.
Banning the app is not the only solution, Harris noted. Officials could also attempt to force a purchase of TikTok. A similar case happened in the past with Grindr. After a U.S. foreign investment commission said the app’s Chinese ownership was a security risk, the dating app was sold to a U.S.-based group.
“And now it’s not that the company is partially in China or partially in the U.S., or the data is on an American server while the design decisions are made in Beijing, it’s not like that,” Harris explained. “They forced the entire sale.”
“Anything less than that with TikTok would be insufficient.”
Despite the numerous issues posed by nearly every social media platform, enacting meaningful change will be no small feat. The Council For Responsible Social Media has outlined several steps it plans on taking, including awareness campaigns and hearings that could inspire action.
On the legislative front, this could involve the passage of the aforementioned Platform Accountability and Transparency Act, which was introduced by bipartisan senators last year and would “require social media companies to provide vetted, independent researchers and the public with access to certain platform data.”
While Harris does not think this bill is a cure-all, he does think it should be a no-brainer for politicians to pass.
“It won’t change the DNA of the cancer cell that is social media, it’ll be more like the cancer cell is printing quarterly reports about what it is doing to society, but that’s still a better world than having a cancer cell where you don’t know what it’s doing,” he said.
Many advocates believe transparency is key when it comes to reforming social media, as it educates the general public about what these apps are really doing.
The Future of Twitter
Harris thinks education about social media has inadvertently grown over the last several weeks as billionaire Elon Musk took over Twitter. The process has proven to be quite chaotic, but it has also forced people to learn about Twitter’s problems.
“Twitter has already been a chaos-making, inflammation-for-profit machine. Elon buying Twitter doesn’t change that, he’s just running the inflammation-for-profit machine,” Harris said.
Musk’s acquisition has created a substantial financial bind and forced the mogul into a position where he has to turn engagement and revenue up. This has involved cutbacks on content moderation and laying off staff that worked on trust and safety.
“He has to figure out a way to lower costs and increase revenue, which unfortunately basically moves the whole system into a more and more dangerous direction,” Harris claimed, though he did say he does not view this as a character flaw on Musk’s part, rather just the reality of how these apps operate.
When it comes to fixing the root problems at Twitter, Harris thinks Musk has his eyes on the wrong target by focusing on censorship and free speech.
“It has to do with Twitter being a bad video game in which citizens earn or score the most points by adding inflammation to cultural fault lines,” he explained.
“If we’re playing a video game, and you earn the most points by finding a new cultural war faultline and inflaming it better than some other guy, you’re an inflammation entrepreneur,” he continued. “Turning citizens into inflammation entrepreneurs for profit is how we destroy democracies.”
Harris said that if Musk wants to change Twitter for the better, he has to “change the video game of what Twitter is” so that people are not rewarded for inflammation, but for consensus.
Meta Fined $24.7 Million for Campaign Finance Violations As Profits Fall 50%
A judge found the company violated Washington State’s campaign finance law more than 800 times since 2020 despite having previously settled a lawsuit for identical violations in 2018.
Judge Fines Facebook
A judge in Washington state slapped Meta with a $24.7 million fine on Wednesday after finding it had intentionally violated the state’s campaign finance disclosure laws.
In a statement, Washington Attorney General Bob Ferguson described the judgment as “the largest campaign finance penalty anywhere in the country — ever.”
According to the judge, Meta violated Washington’s Fair Campaign Practices Act 822 times. Each count carries a maximum fine of $30,000.
The law, which was passed in 1972, requires entities that sell political ads to make certain information public, including the names and addresses of ad buyers, the targets of the ads, how the ads were financed, and the total number of views. While TV stations and newspapers have followed this law for decades in Washington, Meta has continually refused to comply with the law, even arguing unsuccessfully in court that the act is unconstitutional because it “unduly burdens political speech” and is “virtually impossible to fully comply with.”
The matter has been a long, ongoing battle for Meta. In 2018, when Meta was still Facebook, Ferguson sued the platform for violating the same law. As part of a settlement, the social media network agreed to pay $238,000 and commit to transparency in political advertising.
At the time, Facebook said it would rather stop selling ads in Washington state than adhere to the law, but it continued to sell ads while also still refusing to comply. Ferguson responded by filing another suit in 2020, which resulted in the Wednesday ruling.
Meta’s Financial Woes
Although $24.7 million may seem like pocket change to a multi-billion dollar corporation, the fines come as Meta is facing unprecedented financial troubles.
Also on Wednesday, the company reported a 50% drop in profits for the third quarter of 2022. The decline follows a recent trend as Meta’s earnings continue to suffer from slowing ad sales, fierce competition from platforms like TikTok, and CEO Mark Zuckerberg’s decision to spend massive amounts of money on developing the metaverse.
In July, the tech giant posted its first-ever sales decline since becoming a public company. Meta’s stock has also nose-dived over 60% this year. The market reacted poorly to the reported drop in profits Wednesday, sending the stock down nearly 20%.
Despite the fact that the past year has been one of the worst ever for the business following Zuckerberg’s decision to rebrand as Meta and go all-in with the metaverse, his commitment remains fervent.
According to reports, during a call with analysts Wednesday, the CEO argued that people would “look back decades from now” and “talk about the importance of the work that was done here” in regards to the metaverse and virtual reality.
ByteDance Looks To Expand Music Streaming Service in Potential Threat to Spotify
The move could strengthen the power TikTok currently wields over the music industry.
Talks With Music Labels
TikTok parent company ByteDance is looking to expand its music streaming service, Resso, in a move that could shift both music consumption and marketing, according to The Wall Street Journal.
In a report on Wednesday, the Journal said that ByteDance is currently in talks with music labels about bringing Resso to over a dozen new markets. Currently, the platform is only available in Brazil, India, and Indonesia. While the United States would not be part of this next growth phase, the China-based company has its eyes on an eventual global expansion.
According to the Journal’s sources, in the long run, ByteDance hopes to integrate Resso and TikTok so that users who discover music on the video app can then subscribe and listen on the audio platform. Such a move could pose a threat to audio streaming giants like Spotify.
Over the past several years, TikTok has become increasingly powerful in the music industry. Its short videos paired with snappy soundbites make it prime for songs to go viral, and as a result, it has launched the careers of some of today’s biggest stars.
Lil Nas X was propelled to fame after releasing “Old Town Road” to TikTok. Millions of users began using the track on the app for their viral videos, leading the song to dominate both radio play and streaming. It eventually broke the record as the longest-running song atop the Billboard 100.
Likewise, Olivia Rodrigo went from a Disney+ actress to one of the biggest names in music overnight after her debut single “drivers license” blew up on TikTok. That song, as well as her follow-up singles, topped the charts and landed her multiple Grammy Awards.
Because TikTok is where so many young people discover music, expanding Resso would allow ByteDance to keep its user base under its own umbrella. It could also consolidate work for artists who already market their music on TikTok.
This expansion, however, will likely not come without complications. Sources told the Journal that even though this could potentially serve as another revenue source for TikTok, the biggest hurdle will be figuring out how much to pay out to labels. Some record companies have even expressed direct doubt about Resso to ByteDance.
While TikTok has seen exponential revenue growth over the years, making money from music streaming is a challenge. As a result, Spotify has had to lean heavily on podcasting.
When it comes to Resso, reports say most users do not actually pay for it. Like Spotify, it has an ad-supported free tier. According to the Journal, very few free users become paid subscribers.
The app’s popularity is increasing in the three countries it is available in, though. According to Insider, in Jan. 2021, the app had just a 4.8% market share of monthly active users in music streaming in India. That was just a fraction of the 18% held by Spotify at the time.
By Jan. 2022, that gap got significantly smaller. Resso’s 17% share is only slightly less than Spotify’s 22.8% share.
Wednesday’s news about ByteDance’s intentions to grow the app sent Spotify’s stock sliding, though it had picked up again by mid-day Thursday.