Wormhole bridge exploited with $322M in damage
The bridge protocol Wormhole has been exploited and there are mixed reports of damage.
The loss after the attack, according to Wormhole, was 120,000 ETH worth $322,952,400 at the current price.
The earliest reports estimate the damage of the attack at 80,000 ETH. Later, The Block’s Steven Zheng noted that the amount stolen was “more than 80,000 ETH”, estimating the damage at 93,750 ETH ($256 million).
But it seems that these smaller estimates do not take into account the stolen funds held on Solana as wETH.
Wormhole is a bridge protocol that allows assets to move across different blockchain protocols. When a user sends an asset from one chain to another, the bridge locks the asset and creates a wrapped version of the fund on the destination chain.
Regardless of the amount stolen, it turned out to be one of the largest DeFi attacks in recent history. Other major attacks including Poly Network losing $611 million, Cream Finance and BadgerDAO losing more than $120 million, all occurred in 2021.
Source: The Block
No clear explanation
The official Wormhole Twitter account did not give a detailed explanation of the attack,
but has stated that the network is “down for maintenance” as it investigates the attack and will provide updates.
‼️ The wormhole network is down for maintenance as we look into a potential exploit.
? We will provide updates here as soon as we have them.
? Thank you for your patience.
— Wormhole? (@wormholecrypto) February 2, 2022
Wormhole developers attempted to contact the attacker via a blockchain message. Team members renewed a “white hat agreement” and offered a $10 million bounty for the hacker to reveal the attack strategy and return the stolen funds.
That announcement also said that an attacker could generate new tokens by mining Wormhole’s Solana VAA verification — the messaging system handled by receiving blockchains.
Ethereum creator Vitalik Buterin warned about the shortcomings of cross-chain bridges in early January, noting the security risks inherent in such protocols.
- Hackers Attacked A Number Of Popular Crypto YouTuber Accounts
- Hacker Helps Trezor To Recover Cryptocurrency Funds Valued Over $2 Million