Online Thieves Steal $320m from Crypto Firm Wormhole
Yet another cryptocurrency firm is offering a multimillion-dollar ‘bug bounty’ reward to those who hacked it after suffering a cyber-heist worth an estimated $322m.
Wormhole operates what’s known as a cross-blockchain bridge, enabling holders of certain cryptocurrencies to transfer tokens, data and other assets between siloed blockchains. It offers this service to bridge Ethereum, Solana, BSC, Polygon, Avalanche, Oasis and Terra.
In a brief statement late yesterday, the firm tweeted that its network was down while it investigated a potential exploit.
Then came the news that users were dreading: Wormhole confirmed that attackers stole 120,000 Ethereum tokens worth over $320m.
However, the firm claimed that it would be adding more Ethereum to its platform “over the next hours” to ensure any assets it owns are backed 1:1. The fear is that without this backing, various Solana users and platforms would be helpless.
A security researcher going by the handle “samczsun” on Twitter has a detailed write-up of the attack here, having reverse-engineered the exploit. The hacker exploited a vulnerability on the Wormhole platform, enabling them to pocket new wrapped Ethereum (wETH) without needing to deposit any in return.
WETH is a version of Ethereum designed to be exchanged with other Ethereum-based tokens and has the same value as ETH.
Just like Qubit Finance a few days ago, Wormhole has reached out to its attacker, offering a massive $10m reward for finding the bug.
“We noticed you were able to exploit the Solana VAA verification and mint tokens. We’d like to offer you a white hat agreement, and present you a bug bounty of $10m for exploit details, and returning the wETH you’ve minted,” it said in a message on the Ethereum blockchain.
The audacious cyber-heist makes this easily the biggest theft of cryptocurrency so far this year and the largest such incident targeting cross-blockchain bridges.
In its most recent update, Wormhole claimed the vulnerability had now been patched, and it was working on getting the network back up and running.
More Stories
Friday Squid Blogging: Biology and Ecology of the Colossal Squid
Good survey paper. Blog moderation policy. Read More
Ultralytics Supply-Chain Attack
Last week, we saw a supply-chain attack against the Ultralytics AI library on GitHub. A quick summary: On December 4,...
US Offers $5M for Info on North Korean IT Worker Fraud
The US Government is offering a $5 million reward for information leading to the disruption of financial mechanisms supporting North...
2024 Sees Sharp Increase in Microsoft Tool Exploits
Sophos found observed a significant rise in Microsoft LOLbins abused by attackers in H1 2024 compared to 2023 Read More
Akira and RansomHub Surge as Ransomware Claims Reach All-Time High
Claims on ransomware groups’ data leak sites reached an all-time high in November, with 632 reported victims, according to Corvus...
Researchers Discover Malware Used by Nation-Sates to Attack Industrial Systems
IOCONTROL, a custom-built IoT/OT malware, was used by Iran-affiliated groups to attack Israel- and US-based OT/IoT devices, according to Claroty...