Wormhole Token Bridge Lost $321 Million In Crypto Heist
Wormhole token bridge connecting the Ethereum and Solana blockchains, seemingly an insignificant piece of technology for its function, lost more than $321 million on Wednesday afternoon.
This is the biggest attack on Solana yet. A competitor to Ethereum gaining traction in the non-fungible token (NFT) and DeFi ecosystems. The $600 million Poly Network crypto heist was bigger, but it involved cryptocurrencies rather than blockchain technology, which could explain why critics are calling this new development “pretty historic.”
The robbery took place on Solana’s side. The discovery of a vulnerability on Solana’s side has raised concerns that it could also be vulnerable to Wormhole’s bridge.
The Wormhole team announced that they would replenish the stock of Ethereum (ETH) to ensure wETH 1:1 backing, but it’s not clear where those funds are coming from and when.
The attacker managed to hack into a smart contract and steal $321 million worth of wETH. The heist took place at 6:24 PM UTC on Feb. 2, when 120,000 wETH were beaten by an attacker who then cashed 93,750 wETH for ETH, equivalent to $256 million. These funds allowed them to buy SportX (SX), Meta Capital (MCAP), Last Usable Crypto Karma (FUCK), and Bored Ape Yacht Club Token (APE).
With the remaining WETH traded for USDS and SOL on Solana, the hacker now has 432,662 SOL ($44 million) in Solana wallet.
CertiK, a smart contracts audit firm, reported potential vulnerabilities within Wormhole’s bridges to other blockchains in today’s press release. However, the report says it’s “possible” that patches or upgrades could address these shared concerns.
Is Wormhole Happy Enough As Poly Network?
The Wormhole team wants their money back. They have offered a $10 million bug bounty, which they will pay out if someone can find an exploit to return it.
“Here’s the Wormhole Deployer: We noticed you could use the Solana VAA verification and coin tokens. We’d like to offer you a whitehat deal and offer you a $10 million bug bounty for details on exploits and returning the money that you hit. You can reach us at [email protected]”
The Wormhole team is working hard to fix a recently reported exploit. Unfortunately, as of now, wETH tokens sent over the bridge are not yet redeemable while they are in pursuit.
Two smart contract exploits in a week. The first was on the token bridge of Qubit Finance last Friday, and now this new vulnerability. It reminds us a lot of the Poly Network hack where they stole nearly $610 million from investors. Poly Network was lucky enough to get its money back through the intervention of a whitehat hacker.
Related literature | Poly Network Confirms Hacker Returned Most of Stolen Cryptocurrency
Tech Giants Reviews on Token Bridge Heist
Vitalik Buterin’s warning that “fundamental safety limits” on symbolic bridges have been lifted by recent events. The frequency of smart contract hacks highlights his point that layer-1 blockchains are vulnerable. Moreover, hackers loot other platforms for their gunfire and attack routes to new territory without any defenses against such tactics.
We reached out to Ali Qamar, Cyber Security Expert and founder of PrivacySavvy, to comment on the hacker exploiting a security flaw to mine wETH without depositing ETH himself. The privacy education hub lead brain noted,
The heist reminds us that the security of the DeFi services has yet to reach a level suitable for the massive amounts of funds stored within them. Blockchain transparency appears to allow attackers to detect and exploit significant bugs.
What is Token Bridge?
Ether is the most popular blockchain network in use today and is looked at by many people who want to replace banks or lawyers when working with smart contracts. However, there are other options available, such as Solana, which may be cheaper and faster depending on your needs.
The introduction of cross-chain bridges has made it easier than ever for Crypto holders to operate outside their ecosystem, with no restrictions on where they send or receive cryptocurrencies from.
Related literature | What are Blockchain Bridges?
The Wormhole is a revolutionary new protocol that allows users to move their tokens and NFTs between Solana, Ethereum’s most popular smart contract platform.
Investor excitement over the potential for Solana’s network to be more widely used led to the crypto top ten last year. The price of one token has increased by 1,600% since February 2021. The combined value hit a record high last year at $78 billion.
Bitcoin price is down 4% since the recent heist. Source: Tradingview.com
However, Solana’s value has fallen rapidly since the recent crypto heist and is currently trading at less than $100 per token. In addition, the decline is linked to a broader crypto market crash. The crash affected bitcoin and other major cryptocurrencies such as Ethereum or lite coin. As a result, their values have dropped significantly over time.
Featured image from Pixabay, chart from TradingView.com