Crypto Theft Shows DeFi Weakness in Wormhole

Fourth Largest Crypto Theft Sees Hacker Net 325M

The DeFi bridge between Solana (SOL) and other blockchains Wormhole LOST wETH 120,000  (USD 325M) in a hack, emphasizing the sector's infancy. If the thieves return the money, the team will pay them $10 million in cash.

In their latest update (13:39 UTC), Wormhole declared that "all funds have been restored and Wormhole is back up," but it promised to provide a thorough incident report as soon as possible.

In addition, the team has stated that "all funds are safe", and that the ETH contract has been fulfilled, with all wETH being backed in equal amounts. They didn't say where these cash came from, however.

According to the analytics firm Elliptic, this is the fourth biggest crypto theft of all time, and the second-largest theft from a DeFi service. According to the analysts, the hack appears to have given the attacker the opportunity to mint 120,000 wrapped ETH (wETH) on the Solana blockchain.  ETH 93,750 of minted crypto was then transferred to the Ethereum (ETH) blockchain.

Tom Robinson, Co-founder of Elliptic, told Bloomberg:

"This demonstrates once again that the security of DeFi services has not reached a level that is appropriate for the huge sums being stored within them ... The transparency of the blockchain is allowing attackers to identify and exploit major bugs."

Wormhole says it has linked seven blockchains: Ethereum (ETH), Solana (SOL), Terra (LUNA1), Binance Smart Chain (BNB), Polygon (MATIC), Avalanche (AVAX), and Oasis (ROSE). It claims to have $1 billion in total value secured.

According to their website, there are two features that extend the basic message-passing architecture, including:

  • Users may utilize a token bridge to connect supported chains by bridging wrapped assets.
  • Trusted third-party NFT bridge that allows ERC721 and SPL NFTs to be traded between Ethereum, Binance Smart Chain, Polygon, Avalanche, Oasis, and Solana.
Loading comments...
You've successfully subscribed to MarketCents
Great! Next, complete checkout to get full access to all premium content.
Error! Could not sign up. invalid link.
Welcome back! You've successfully signed in.
Error! Could not sign in. Please try again.
Success! Your account is fully activated, you now have access to all content.
Error! Stripe checkout failed.
Success! Your billing info is updated.
Error! Billing info update failed.