Key Takeaways
- DeFi bridge protocol Wormhole has been subject to a hack, losing $320 million in the process
- Last week hackers stole $80 million from DeFi protocol Qubit Finance
YEREVAN (CoinChapter.com)- Wormhole protocol, one of the largest bridges between Solana and other blockchains, stands hacked.
According to reports, attackers have successfully robbed the network of about 12,000 ETH. That amounts to about $320 million in fiat currency terms, making it the second-largest in the decentralized finance (DeFi) space to date. Earlier, on Aug. 10, 2021, Poly Network had lost $610 million to some good-hearted hackers, mainly because they received the stolen amount back.
Wormhole has not been that lucky so far. The protocol’s official Twitter handle confirmed the attack in a tweet late Wednesday:
Prior to the confirmation, Wormhole had also announced that it had taken the network down for maintenance to “look into a potential exploit.”
According to the protocol’s website, Wormhole is a generic message-passing protocol that connects to multiple chains, including Ethereum, Solana, Terra, Binance Smart Chain, Polygon, Avalanche, and Oasis.
Wormhole also has over $1 billion in total value locked, according to Blockworks.
Based on the data available on Etherscan, the hacker used three transactions to complete the hack and transfer the stolen funds.
According to analysis from CertiK, the attacker invoked the complete_wrapped instruction with the spoofed inputs ‘ctx,’ ‘accs,‘ and ‘data’ to successfully trigger and mint Wormhole ETH for themselves.
Recommended: Crypto.com hack – 400 accounts were compromised confirms CEO Kris Marszalek
Wormhole reaches out to the hacker
Hoping to replicate the case of Poly Network, when the hacker returned the $610 million in exploits, Wormhole reached out to the attacker. According to the on-chain data, Wormhole offered the hacker a reward of $10 million if they returned the tokens.
“This is the Wormhole Deployer: We noticed you were able to exploit the Solana VAA verification and mint tokens. We’d like to offer you a whitehat agreement and present you a bug bounty of $10 million for exploit details, and returning the wETH you’ve minted. You can reach out to us at [email protected],”
the message reads.
Meanwhile, Wormhole confirmed that they have since fixed the coding security bridge on Thursday. However, we will have to wait to see if the hacker takes the $10 million whitehat reward offer and returns the funds.
As early as last week, decentralized finance protocol Qubit Finance also fell victim to a hack resulting in losses amounting to $80 million. The platform has offered $2 million in rewards to the hacker if they return it. As of now, the exploiter still holds the funds.
According to a report by blockchain research firm CertiK, hackers stole over $1.3 billion in 44 different DeFi hacks in 2021.
