Online Thieves Steal $320m from Crypto Firm Wormhole
Yet another cryptocurrency firm is offering a multimillion-dollar ‘bug bounty’ reward to those who hacked it after suffering a cyber-heist worth an estimated $322m.
Wormhole operates what’s known as a cross-blockchain bridge, enabling holders of certain cryptocurrencies to transfer tokens, data and other assets between siloed blockchains. It offers this service to bridge Ethereum, Solana, BSC, Polygon, Avalanche, Oasis and Terra.
In a brief statement late yesterday, the firm tweeted that its network was down while it investigated a potential exploit.
Then came the news that users were dreading: Wormhole confirmed that attackers stole 120,000 Ethereum tokens worth over $320m.
However, the firm claimed that it would be adding more Ethereum to its platform “over the next hours” to ensure any assets it owns are backed 1:1. The fear is that without this backing, various Solana users and platforms would be helpless.
A security researcher going by the handle “samczsun” on Twitter has a detailed write-up of the attack here, having reverse-engineered the exploit. The hacker exploited a vulnerability on the Wormhole platform, enabling them to pocket new wrapped Ethereum (wETH) without needing to deposit any in return.
WETH is a version of Ethereum designed to be exchanged with other Ethereum-based tokens and has the same value as ETH.
Just like Qubit Finance a few days ago, Wormhole has reached out to its attacker, offering a massive $10m reward for finding the bug.
“We noticed you were able to exploit the Solana VAA verification and mint tokens. We’d like to offer you a white hat agreement, and present you a bug bounty of $10m for exploit details, and returning the wETH you’ve minted,” it said in a message on the Ethereum blockchain.
The audacious cyber-heist makes this easily the biggest theft of cryptocurrency so far this year and the largest such incident targeting cross-blockchain bridges.
In its most recent update, Wormhole claimed the vulnerability had now been patched, and it was working on getting the network back up and running.
More Stories
Crooks Bypassed Google’s Email Verification to Create Workspace Accounts, Access 3rd-Party Services
Google says it recently fixed an authentication weakness that allowed crooks to circumvent the email verification required to create a Google...
Friday Squid Blogging: Sunscreen from Squid Pigments
They’re better for the environment. Blog moderation policy. Read More
Compromising the Secure Boot Process
This isn’t good: On Thursday, researchers from security firm Binarly revealed that Secure Boot is completely compromised on more than...
Synnovis Restores Systems After Cyber-Attack, But Blood Shortages Remain
Synnovis has rebuilt “substantial parts” of its systems following the Qilin ransomware attack on June 3, enabling the restoration of...
Hacktivists Claim Leak of CrowdStrike Threat Intelligence
CrowdStrike has acknowledged the claims by the USDoD hacktivist group, which has provided a link to download the alleged threat...
CrowdStrike Falcon Outage Exploited for Social Engineering
Cyber threat actors are exploiting the CrowdStrike Falcon outage to conduct social engineering attacks. Here's what the CIS CTI team...