Hacker Returns Stolen Crypto Worth Over $610 Million
Hackers behind one of the biggest ever digital coin heists have now returned over half of the $610 million-plus they stole, the cryptocurrency platform targeted by the hack said on Thursday.
Poly Network, a platform that facilitates peer-to-peer transactions, said on Twitter that, as of 0818 GMT, hackers had returned $342 million of the currencies stolen.
Some $268 million worth of tokens are still outstanding, it said.
Following a preliminary investigation of the attack, Poly Network said the threat actor exploited a vulnerability between contract calls which allowed them to gain ownership of funds and transfer them to attacker-controlled wallets:
- Ethereum: 0xC8a65Fadf0e0dDAf421F28FEAb69Bf6E2E589963
- Binance Smart Chain: 0x0D6e286A7cfD25E0c01fEe9756765D8033B32C71
- Polygon: 0x5dc3603C9D42Ff184153a8a9094a73d461663214
“This attack is mainly because the keeper of the EthCrossChainData contract can be modified by the EthCrossChainManager contract, and the verifyHeaderAndExecuteTx function of the EthCrossChainManager contract can execute the data passed in by the user through the _executeCrossChainTx function,” SlowMist further explained.
“Therefore, the attacker uses this function to pass in carefully constructed data to modify the keeper of the EthCrossChainData contract.”
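The ownership relation SlowMist describes, reduced to a small Python model as an added example (not Poly Network's or SlowMist's code): a manager that owns the data contract and also dispatches caller-chosen calls under its own identity, shown beside a variant restricted to allowlisted destinations. `set_keeper`, `Vault`, `allowed_targets` and `scenario` are hypothetical names, and header and proof verification are left out to isolate the dispatch step.

```python
# Added illustration: a simplified model, not the real contract code. set_keeper,
# Vault, allowed_targets and scenario are hypothetical; header checks are omitted.

class CrossChainData:
    """Holds the keeper; only the owning manager may replace it."""
    def __init__(self, keeper):
        self.owner, self.keeper = None, keeper
    def set_keeper(self, caller, new_keeper):
        if caller is not self.owner:
            raise PermissionError("only the owner may change the keeper")
        self.keeper = new_keeper

class Vault:
    """An ordinary destination that cross-chain messages are meant to reach."""
    def __init__(self):
        self.released = []
    def unlock(self, caller, recipient, amount):
        self.released.append((recipient, amount))

class VulnerableManager:
    """Runs user-supplied (target, method, args) under its own identity."""
    def verify_header_and_execute_tx(self, target, method, args):
        return self._execute_cross_chain_tx(target, method, args)
    def _execute_cross_chain_tx(self, target, method, args):
        getattr(target, method)(self, *args)  # callee sees the manager as caller
        return True

class HardenedManager(VulnerableManager):
    """Same dispatch, restricted to an explicit allowlist of destinations."""
    def __init__(self, allowed_targets):
        self.allowed_targets = list(allowed_targets)
    def _execute_cross_chain_tx(self, target, method, args):
        if not any(target is t for t in self.allowed_targets):
            raise PermissionError("destination is not allowlisted")
        return super()._execute_cross_chain_tx(target, method, args)

def scenario(hardened):
    """Send one message aimed at the data contract and one at the vault."""
    data, vault = CrossChainData("original-keeper"), Vault()
    manager = HardenedManager([vault]) if hardened else VulnerableManager()
    data.owner = manager
    blocked = False
    try:
        manager.verify_header_and_execute_tx(data, "set_keeper", ["replaced-keeper"])
    except PermissionError:
        blocked = True
    manager.verify_header_and_execute_tx(vault, "unlock", ["constructed-recipient", 5])
    return data.keeper, blocked, vault.released
```

In the vulnerable variant the owner check on `set_keeper` passes because the call arrives from the manager itself; the hardened variant keeps the legitimate vault message working while the manager's own privileged dependency stays out of reach of relayed data.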