"Second Largest DeFi Hack Attack" in History Wormhole Lost About $320 Million

星球君的朋友们

Odaily资深作者

2022-02-03 05:33

This article is about 1253 words, reading the full article takes about 2 minutes

Wormhole was hacked and about 120,000 ETH was stolen, making it the second largest DeFi hack to date.

Original source: BitpushNews

Original Author: Amy Liu

Original source: BitpushNews

Original Author: Amy Liu

One of the largest bridges between blockchains, Wormhole was hacked for an estimated $320 million, or 120,000 ETH — making it the second-largest DeFi hack to date.

Wormhole said earlier today that the network was down for maintenance, with a statement on its official website: "The portal is temporarily unavailable."

According to a previous report by Bitui, Poly Network, which specializes in cross-chain technology, announced that its main network was hacked, and its users’ assets on the three blockchains of BSC, Ethereum, and Polygon were transferred to a total of 610 million US dollars, which exceeded the previous DeFi. The security incident has become the largest DeFi security incident so far.

Last week, hackers stole $80 million from decentralized finance protocol Qubit Finance.

Wormhole is a protocol that allows users to bridge assets across blockchains. It has over $1 billion in total value locked and supports six blockchains: Terra, Solana, Ethereum, Binance Smart Chain, Avalanche, and Polygon.

“As far as we know, only wETH is currently affected, no other tokens are affected,” a Wormhole administrator named d231d wrote in his Telegram group.

The administrator added that the portal bridge was down and asked members not to initiate further transactions.

Some users reported stuttering transactions, but admins stated that "once the network returns to normal, you will be able to redeem the tokens you sent to the bridge."

While it's unclear how the hackers exploited the network, it occurred in three separate transactions around 2 p.m. ET on Wednesday, according to Etherscan.Wormhole sent an on-chain message to the hacker about an hour after the exploit, offering a bounty to return the tokens.”

The message reads:

“We noticed that you were able to validate and mint tokens using Solana VAA. We would like to provide you with a white hat agreement and a $10 million bug bounty for exploit details and return your minted wETH .

The way cross-blockchain bridges usually work is to take an asset (such as ETH) and lock it in a contract in order to issue a parallel asset on the bridge chain.

It’s unclear what impact that might have on the Solana lending market and other protocols if the ETH issued by Wormhole couldn’t be bridged to the ethereum main chain and is now worthless.

George Harrap, founder of Solana DeFi platform Step Finance, told CoinDesk in an interview that he expects Jump Capital, which bought Wormhole developer Certus One in August 2021, to step in to back the hacked ETH. If not, many Solana-based platforms that accept ETH as collateral may now be partially insolvent, he added.“If no one backs it and the token really disappears, Wormhole ETH is worth 0 and everyone holding the balance becomes worthless, DeFi protocols, users, everyone,” he said.In a subsequent tweet,