On September 18th PolisPay announced on their Twitter that they've been the victim of a 51% attack and have been talking for a couple of days with Cryptopia about their network issues.

The attack that took place on September 4 used the DoubleSpend method to steal the funds from Cryptopia. In short, a 51% attack happens when a miner starts mining the blockchain in private, making sure his unpublished chain is ahead of the public chain. He then sends his tokens on the public chain to an exchange and waits for it to be accepted. After converting it to another crypto and withdrawing it, he will publish his privately mined chain which will replace the previous public chain because of the 'longest chain principle'. He will then have his original coins and his converted coins.

To combat this problem, Polis will switch to Proof-of-Stake. Also, they have released a new version of their wallet; v1.4.0 mandatory update which will cause a hard-fork on block 186213. They have stated:

We have talked with the Cryptopia team to get a solution. The only long-term solution we found was to change the Polis protocol to Proof-of-Stake. We tried to think about some new possibilities, but they will require time. We decided to integrate the Proof-of-Stake implementation from StakeNet PeerCoin implementation. Currently, the Proof-of-Stake protocol has been running for a couple of days on the testnet and we have tested and prepared it for mainnet deployment.

100,000 POLIS will be generated and paid to the developer team to repay Cryptopia for the amount that has been stolen.