Looks like the rough patch for DeFi is continuing in the month of February as well. DeFi Project Wormhole Suffers $320 Million Hack : Wormhole, a DeFi protocol has been hacked and over $320 million worth of wrapped ether has been stolen. At the time of this writing, 120,000 wETH was worth approximately $323,000,000.
In response to this hack, the team behind the Wormhole protocol has temporarily pulled the entire thing down. The protocol allows interaction across different blockchains.
“The wormhole network is down for maintenance as we look into a potential exploit,” the Wormhole team tweeted. “We will provide updates here as soon as we have them. Thank you for your patience.”
“The wormhole network was exploited for 120k wETH,” wrote the team. “ETH will be added over the next hours to ensure wETH is backed 1:1. More details to come shortly. We are working to get the network back up quickly.”
More about DeFi Project Wormhole Suffers $320 Million Hack
The Wormhole team announced a $10 million bounty for the hacker(s) if they return the money. “We’d like to offer you a whitehat agreement,” read the message in part. “And present you a bug bounty of $10 million for exploit details, and returning the wETH you’ve minted. You can reach out to us at contact@certus.one.”
Wormhole was able to patch the vulnerability which led to the exploit later, and tweeted that they are working to get the network back online.
Wormhole is known as “Blockchain Bridge” which allows users to swap Solana directly for other cryptocurrencies on decentralized apps, or dApps. Cryptocurrency holders have pointed out that this theft is a big deal as stolen cryptocurrency wasn’t regular Ethereum but wrapped Ethereum, and wrapped ether is fundamental to the function of many decentralized applications across the Ethereum like dApps.
Wormhole company logo
Update:
Wrapped Ethereum was stolen on Wednesday and on Thursday, Wormhole tweeted that “all funds have been restored” and that its system has been returned to normal. Wormhole has not explained if or how it was able to retrieve the stolen funds or how the hack happened in the first place.
“The exploit resulted from Wormhole’s failure to validate guardian accounts — allowing the attacker to mint 120,000 ETH out of thin air,” Elliptic, a blockchain analysis company, said in a blog post. “This adds to the more than $2 billion in direct losses suffered by DeFi services due to hacks and exploits.”
The Wormhole incident is ranked currently the second-largest DeFi hack ever, and the largest so far in 2022. Last year in August, hackers stole an estimated $611 million worth of cryptocurrency from Poly Network exchange. The hackers returned all the money after a bounty was announced for them. Last month in January, DeFi platform Qubit Finance lost $80 million worth of cryptocurrency. Qubit has asked the hacker to return the funds, so far to no avail.