On Wednesday, the decentralized finance (DeFi) platform wormhole was the victim of the biggest cryptocurrency theft of the year — and Among the top 5 biggest crypto hacks Always — when an attacker exploits a security flaw and earns nearly $ 325 million.
This attack appears to be the result of a recent update to the project’s GitHub repository. This reveals a fix for a bug that hasn’t yet been deployed to the project itself.
The attack occurred on February 2nd, and posts from the Wormhole Twitter account were posted on the network. “Down for maintenance” A potential exploit has been investigated. A Later post From the wormhole, I confirmed the amount of money that was hacked and stolen.
The wormhole network was abused at 120kWETH.
ETH will be added over the next few hours so that wETH is backed up 1: 1. Details will be released soon.
We are working to restore the network quickly. Thank you for your patience.
— Wormhole (@wormholecrypto) February 2, 2022
Immediately after the attack, the wormhole team provided hackers with a $ 10 million bounty and returned the funds.This bounty is as a text transaction It will be sent to the attacker’s Ethereum wallet address.
Wormholes provide a service called “bridges” between blockchains. It’s basically an escrow system that allows you to deposit one type of cryptocurrency and create an asset in another. This allows an individual or entity holding one cryptocurrency to make a transaction or purchase using another cryptocurrency. It’s like funding your bank account in dollars and using your bank card to buy something priced in euros.
In order to carry out the attack, the attacker forged a valid signature of the transaction, giving him the freedom to create 120,000w ETH. “Wrapped” Ethereum Equivalent on the Solana blockchain, the value at the time of theft is $ 325 million and you don’t have to enter the equivalent amount first.Then this was replaced About $ 250 million on Ethereum It was sent from the wormhole to the hacker’s account and effectively liquidated most of the platform’s Ethereum funds that were held as collateral for transactions on the Solana blockchain.
The open source code commit indicates that the code that would have fixed this vulnerability was written as early as January 13. Upload to Wormhole GitHub repository On the day of the attack. Only a few hours later, the vulnerability was exploited by hackers, suggesting that updates have not yet been applied to production applications.
Matthew Garrett as a software developer Observe on TwitterThe code upload was described as if it were a regular version update, but it actually contained significant changes. This could upset an attacker with the fact that it is a disguised security fix.
Another file available from the Wormhole Github page Security audit details It was conducted by security research company Neodyme from July to September 2021. It was unclear if the vulnerability was present during the audit period and Neodyme did not respond to a request for comment.
Due to the nature of cross-chain applications, the attack temporarily left a large deficit between the amount of wrapped Ethereum held in the wormhole bridge and the amount of regular Ethereum. It’s as if the collateral assets that support the loan suddenly disappeared.Attacks, according to Forbes Caused a 10 percent drop At the value of Solana cryptocurrency in the aftermath of hacking.
The Wormhole team has announced that more Ethereum will be added to the bridge to replace the stolen collateral funds. This effectively means that the company needs to find $ 325 million in assets to fill the gap.
At this stage, it is unknown where the money comes from. Questions sent to JumpCrypto, the parent company of the Wormhole application developer, did not receive an answer at the time of publication.