The token bridge called Wormhole has experienced a security exploit, leading to the loss of 120,000 wrapped Ether (wETH) tokens, worth approximately $322 million. The hack is the largest crypto hack in 2022 so far, underlining the fact that hackers and cybercriminals are increasingly targeting decentralised finance ( DeFi) platforms.
Token bridges like Wormhole allow users to receive cryptocurrencies of different forms Ether, Solana and more without needing a centralised exchange to act as a custodian. It allows users to receive cryptocurrencies in Solana, Binance Smart Chain (BSC), Polygon, Oasis, Avalanche and Terra. Wormhole has offered a bug bounty of $10 million to anyone who can return the funds
The wETH token is a separate token built on the Binance Smart Chain (BSC) of the Ethereum platform’s ERC20 system. And, the hack took place on the Solana side of the token bridge. Security experts have reverse engineered and explained the hack on Twitter now that it has been patched. The Wormhole team has assured users that its wETH supply will be renewed soon enough
The hack itself took place on February 2, the attackers had redeemed 93,750 wETH, worth about $350 million, The hackers have used these funds to buy SportX (SX), Meta Capital (MCAP), Finally Usable Crypto Karma, and Bored Ape Yacht Club (BAYC) tokens
They also swapped some of the Solana tokens they stole for USDC, suggesting that they’re looking to convert the tokens into fiat currency. Cointelegraph reported that the wallet still had over $44 million worth of Solana tokens left after these transactions.
The Wormhole hack isn’t exactly a first of a kind incident though. The DeFi platform is one in a pretty long line of platforms that have run into trouble from scammers and hackers. In fact, in December last year, blockchain tracking firm Chainalysis reported that scammers had taken away over $14 billion in cryptocurrencies from DeFi platforms over the past year.