$1.5B crypto hack losses expose bug bounty flaws
According to ethical hacker Marwan Hachem, the recent hack that resulted in the loss of over $600 million in cryptocurrency was caused by an “out of scope” bug. The revelation has unsettled the crypto community and raised concerns about the security of digital assets.
Hachem, who has been involved in numerous bug bounty programs for major companies, explained that an “out of scope” bug is a vulnerability that falls outside the scope of a security program. In this case, the hacker exploited a vulnerability that was not included in the program's scope, allowing them to gain unauthorized access to the funds.
The hack, which targeted the decentralized finance (DeFi) platform Poly Network, has been described as the biggest in crypto history. The platform, which allows users to swap tokens across different blockchains, was hit with a devastating attack that resulted in the theft of various cryptocurrencies, including Ethereum, Binance Coin, and Dogecoin.
Hachem believes that the hack could have been prevented if the scope of the security program had been more comprehensive. He emphasized the importance of regularly reviewing and updating the scope to ensure that all potential vulnerabilities are covered.
The incident has once again highlighted the need for robust security measures in the crypto industry. As the popularity and value of digital assets continue to rise, hackers are becoming more sophisticated in their attacks. It is crucial for companies and platforms to prioritize security and invest in regular audits and bug bounty programs to identify and address any vulnerabilities.
In the wake of this hack, Poly Network has promised to compensate all affected users and has been working with various blockchain projects to recover the stolen funds. However, this incident serves as a reminder that the crypto industry is still in its early stages and has a long way to go in terms of security. It is up to all stakeholders to work together to ensure the safety and protection of digital assets.