The threat of ransomware is only increasing. In 2020, attacks were up 150 percent from the previous year. In 2021, not only is the number of attacks rising, but the average ransom fee is up too. Decentralized finance (DeFi) platform Poly Network knows this firsthand following a ransomware attack in which a hacker secured $600 million in cryptocurrency.
The hacker has returned two-thirds of the tokens and is being touted as a white-hat player, while the individual dangles the remaining $200 million over Poly Network's head. In response, Poly Network took a surprising stance by offering the hacker a job.
Poly Network and others view the ransomware as a white-hat attack.
The anonymous ransomware hacker who stole $600 million in tokens from Poly Network is retaining the final $200 million "until everyone is ready." This is an extremely cryptic message and suggests that the hacker has some other tricks up their sleeve.
Despite the illicit activities, Poly Network and others are viewing this as a white-hat attack. Poly Network is even calling the hacker Mr. White Hat. Why is there empathy toward a hacker who took more than half a billion dollars from an organization?
What is a white-hat hacker?
A white-hat hacker is a reference to tropes in old western films, where the good cowboy wore a white or light-colored hat.
While a hacker with malicious intent steals cryptocurrency or fiat for the sake of stealing wealth, a white-hat hacker does so with the intent to help an organization. These "good guy" hackers use their expertise to highlight gaps in a company's security system. By returning the money, the motive transitions from malicious to altruistic. Following the attack, a company can quickly seal issues in the security to prevent more attacks.
Is Mr. White Hat as altruistic as people are making them out to be?
The Poly Network hacker is still holding on to $200 million worth of cryptocurrency tokens. The white-hat cyber-attack label presumes that the hacker will return the final amount.
Given the fact that this person is currently sitting on an immense amount of crypto, it's possible that they will decide to keep it and not return it.
Is the job offer legit, or is Poly Network using it as a negotiation tactic?
Poly Network is getting desperate. The DeFi platform has offered $500,000 as a bug bounty to the hacker if they return the remaining tokens. While Mr. White Hat hasn't accepted it, the hacker is considering accepting it as a bonus for any other hacker that can weasel their way into the Poly Network platform. If the Poly Network security team wanted to relax, they might have to wait a while.
Poly Network has offered the hacker a job as a chief security adviser. The company has determined that this individual knows what they're doing, and Poly Network could use them on its side. However, it's possible this job offer is more of a negotiation tactic than anything.
When ransomware hackers acquire assets, negotiation is a big part of the picture. However, the real concern for the victim is reacquiring the assets—oftentimes, at big costs.