Polter Finance faced a serious cyber attack that threatened the security of funds and user confidence. The platform suspended operations and turned to law enforcement after $12 million was withdrawn.
The Hack and Investigation
On November 17, Polter Finance halted its operations after identifying an exploit, notifying investors on X. The protocol traced the stolen funds to wallets on the crypto exchange Binance. According to TenArmor, Polter Finance fell victim to a flash loan attack involving a faulty oracle on its newly launched SpookySwap (BOO) market, resulting in $12 million losses.
Polter Finance's Response
The platform reached out to the hacker, offering negotiation and impunity via an on-chain message. By the time of writing, there had been no response. The pseudonymous founder, Whichghost, filed a police report with Singapore authorities, who confirmed his identity via Singpass. The report states that besides general losses of 16.1M SGD, Whichghost incurred personal losses of $223,219.
Community Reaction and Next Steps
Despite the company's efforts, community members on X expressed skepticism, suggesting possible insider involvement. Some critics saw the police report as a potential distraction from internal scrutiny. In response, Polter Finance announced a partnership with the Security Alliance Information Sharing and Analysis Center (SEAL-ISAC) to help track the attacker. Polter Finance had a total market size of $12 million, comprising $7.87 million in Fantom, $1.03 million in wrapped USD Coin, $251,000 in Magic Internet Money (MIM), and $2.1 million in Stader sFTMX.
The Polter Finance situation highlights the importance of sound security measures and transparency in decentralized financial platforms. As the platform navigates this challenge, questions about the potential security and resilience of such projects remain in focus.
