According to Foresight News, Poly Network has published an investigation report on the security breach that occurred in July. The attacker implanted a Trojan virus in the program compilation environment, obtaining the consensus key of the Poly Network relay chain. The attacker then manipulated the target chain's pending unlockable assets by executing forged cross-chain transactions on the relay chain after transferring the original chain transactions.
Subsequently, the attacker transferred their relay chain transactions to the target chain. The target chain contract verified the relay chain signature, resulting in the release of the modified asset amount corresponding to the attacker's wallet address.