- Tokens worth more than $320 million have been stolen.
- The hack is the fourth-largest crypto theft in the history.
- Wormhole claims on the Telegram channel that “all funds are safe.”
- Criminals are increasingly targeting DeFi sites.
Wormhole, one of the most popular bridges connecting the Ethereum and Solana blockchains, was reportedly hacked Wednesday afternoon and lost approximately $320 million.
In an apparent hack Wednesday afternoon, one of the most popular bridges connecting the Ethereum and Solana blockchains lost more than $320 million.
It Is DeFi’s second-largest exploit ever, following the $600 million Poly Network crypto heist, and it is the largest attack on Solana, a competitor to Ethereum that is gaining traction in the non-fungible token (NFT) and decentralized finance (DeFi) ecosystems.
Ethereum is the most widely used blockchain network, and it is a major player in the world of DeFi, smart contracts are programmable pieces of code that can replace middlemen Banks and lawyers, for example, play important roles in certain types of business transactions. Solana, a more recently introduced competitor, is gaining popularity because it is less expensive and faster to use than Ethereum.
Wormhole developers confirmed the exploit on Twitter, stating that the network is “down for maintenance” as they investigate a “potential exploit.” The protocol’s official website is currently unavailable.
Wormhole, a cryptocurrency platform, announced on Thursday that “all funds are safe” after hackers stole more than $320 million from its website in the fourth-largest cryptocurrency heist on record.
WORMHOLE PROTOCOL CONFIRMS IT WAS HACKED OF 120,000 ETH(~$320M), MAKING IT THE 2ND LARGEST DEFI HACK EVER
— Jacquelyn Melinek (@jacqmelinek) February 2, 2022
Important hacking risk
According to CertiK, the attacker’s profits thus far total at least $251 million in Ethereum, nearly $47 million in Solana, and more than $4 million in USDC, a stable coin pegged to the price of the US dollar.
According to preliminary CertiK analysis, the attacker took advantage of a vulnerability on the Solana side of the Wormhole bridge to generate 120,000 “wrapped” Ethereum tokens for themselves(While wrapped Ethereum tokens are pegged to the original coin’s value, they are interoperable with other blockchains.) They then appear to have used these tokens to claim Ethereum held on the Ethereum side of the bridge.
Alright. I figured out the Solana x Wormhole Bridge hack. ~300 million dollars worth of ETH drained out of the Wormhole Bridge on Ethereum. Here’s how it happened.
— smartcontracts (@kelvinfichter) February 3, 2022
Wormhole claims that Ethereum will be added to the bridge “in the coming hours” to ensure that its wrapped Ethereum tokens are backed, but it is unclear where the funds will come from.
Bridges, according to Ethereum founder Vitalik Buterin, will not be around for much longer in the crypto ecosystem, in part because there are “fundamental limits to the security of bridges that hop across multiple ‘zones of sovereignty.’”