Wormhole cross-chain bridge, a Solana-Ethereum bi-directional by Solana Labs, is the latest of DeFi crimes in which the attacker has siphoned off $320 worth of wETH.
What Happened?
The official Twitter channel of Wormhole Network first hinted about the possible exploitation of the network at 8:42 PM UTC, February 2. The team, on Twitter, wrote:
‼️ The wormhole network is down for maintenance as we look into a potential exploit.
📢 We will provide updates here as soon as we have them.
🙏 Thank you for your patience.
— Wormhole🌪 (@wormholecrypto) February 2, 2022
“The wormhole network is down for maintenance as we look into a potential exploit. Public address loudspeaker We will provide updates here as soon as we have them.”
Some initial hinted suggested that the attacker had stolen 80K Wrapped ETH (wETH) or $213 million from Wormhole contracts. Wrapped ETH or wETH is a token that represents ETH 1:1 and conforms to the ERC20 token standard.
Two hours later, the Wormhole team confirmed the exploit saying that the stolen amount is 120K wETH or $320 million. The team wrote:
The wormhole network was exploited for 120k wETH.
ETH will be added over the next hours to ensure wETH is backed 1:1. More details to come shortly.
We are working to get the network back up quickly. Thanks for your patience.
— Wormhole🌪 (@wormholecrypto) February 2, 2022
“The wormhole network was exploited for 120k wETH.
ETH will be added over the next hours to ensure wETH is backed 1:1. More details to come shortly.
We are working to get the network back up quickly. Thanks for your patience.”
While what kind of vulnerability of bug allowed this exploit to happen has not yet been explained by the Wormhole team, some experts also noted that the attacker was exploiting Solana (SOL) too in addition to the stolen Ether.
According to Elliptic, this is the fourth-largest crypto and the second-largest DeFi theft. In the exploit, the hacker minted 120,000 wETH on the Solana side, 93,750 ETH of which was then transferred to the Ethereum blockchain.
In the last update, the team said that the vulnerability had been patched. The nature of the vulnerability is expected to be explained in the post mortem report. It is now confirmed that the hacker has siphoned off 120K wETH from the Wormhole Network that calculates 320 million USD, according to the current price of ETH.
Wormhole is Negotiating With The Hacker
When the Wormhole Network first hinted about a potential exploit, someone shared an on-chain message sent to the hacker by Certus One, a company involved in the development of the Wormhole bridge. The message negotiates a whitehat agreement of $10 million with the hacker.
The message reads:
“This is the Wormhole Deployer:
We noticed you were able to exploit the Solana VAA verification and mint tokens. We’d like to offer you a whitehat agreement and present you a bug bounty of $10 million for exploit details, and returning the wETH you have minted. You can reach out to us at [email protected]”
As Crypto Economy reported, Wormhole is a bidirectional cross-chain bridge that connects ETH and ERC20 tokens to SPL Tokens, the token standard of the Solana blockchain. It is a joint venture of Solana Labs and Certus One, an enterprise-grade validator for proof-of-stake blockchains.