The 4th Largest Crypto Theft Shows DeFi Weakness as Hacker Nets USD 325M in a Wormhole

0
70

The Wormhole Exploit – the 4th largest crypto theft of all time, according to Elliptic. As of 2 February 2022. Value of funds at the time of theft. Source: Elliptic

 

The DeFi bridge between Solana (SOL) and other blockchains Wormhole lost wETH 120,000 (USD 325m) in a hack, once again stressing the weaknesses of this nascent sector. The team offered the hacker a USD 10m bounty if they return the funds.

In their latest update (12:41 AM UTC), Wormhole confirmed that the vulnerability has been patched and they “are working to get the network back up as soon as possible.”

Per crypto analytics firm Elliptic, this is the fourth largest crypto theft of all time, and the second-largest theft from a DeFi service. According to the analysts, the exploit appears to have allowed the attacker to mint 120,000 wrapped ETH on the Solana blockchain, ETH 93,750 of which was then transferred to the Ethereum (ETH) blockchain.

“This demonstrates once again that the security of DeFi services has not reached a level that is appropriate for the huge sums being stored within them,” Tom Robinson, Co-founder of Elliptic, told Bloomberg. “The transparency of the blockchain is allowing attackers to identify and exploit major bugs.”

Wormhole claims it has integrated seven blockchains –  Ethereum, Solana, Terra, Binance Smart Chain, Polygon, Avalanche, and Oasis – and has USD 1bn in total value locked.

Per their website there are two features built on top of the generic message-passing protocol including:

  • A token bridge that allows users to bridge wrapped assets between supported chains.
  • An NFT bridge that allows ERC721 and SPL NFTs to be transferred between Ethereum, Binance Smart Chain, Polygon, Avalanche, Oasis, and Solana.

_____
Learn more:
Crypto Security in 2022: Prepare for More DeFi Hacks, Exchange Outages, and Noob Mistakes 
OpenSea Is Reportedly Being Exploited

Centralization Caused Most Decentralized Finance Hacks in 2021
Top Risks for DeFi Users and Investors According to Moody’s and Gauntlet

Multichain Losses Reportedly Exceed USD 3M As Critical Vulnerability Remains Unsolved
CRO Jumps as Crypto.com Releases USD 34M Hack Report

Animoca Brands-Owned Lympo Hacked, LMT & LYM Tokens Go on Wild Ride
LCX Loses USD 8M in a Hot Wallet Hack
Polygon Justifies Its Quiet Hard-Fork Citing ‘Critical Vulnerability’



Source link

LEAVE A REPLY

Please enter your comment!
Please enter your name here