$324 million stolen from blockchain platform Wormhole
Wormhole, a popular blockchain bridge, confirmed on Wednesday evening that hackers stole crypto-assets worth $324 million.
The platform serves as a bridge between different blockchains and allows users to transfer cryptocurrency. The company confirmed in a series of Tweets that 120k wETH was stolen from the platform and the network was down for maintenance as they looked into a potential exploit.
The platform’s website has “Portal is Temporarily Unavailable” in block letters but no other message. Researchers found evidence of an 80,000 ETH transfer from Wormhole as well as another 40,000 of ETH being sold by the hacker on Solana.
Elliptic’s Tom Robinson shared a message from Certus One, the company behind Wormhole, to the hacker offering $10 million for the exploit details and return of all the cryptocurrency.
The company said the hacker exploited “the Solana VAA verification and mint tokens” in the message.
By around 8 pm EST, the company said the vulnerability was patched and the network was being restored. Multiple researchers released detailed threads explaining the vulnerability the hacker exploited.
Jump Capital, which purchased Certus One in August 2021, did not respond to requests for comment. The company also invested in crypto platform AscendEX, which suffered its own $77.7 million hack on December 11. Just five days ago, Qubit Finance took to Twitter to beg hackers to return more than $80 million that was stolen from them.
The recent hacks continue a run of attacks on DeFi platforms that have occurred over the last year. Chainalysis said at least $2.2 billion was outright stolen from DeFi protocols in 2021.