A threat actor has exploited a vulnerability in the cross-chain protocol, Wormhole. It has been estimated that $323 million worth of Ethereum (ETH) has been stolen.
Wormhole has been a bridge between the Ethereum and Solana blockchains. It is a bridging protocol that allows assets to be transferred through different blockchain protocols.
It has been assumed that the attacker exploited this process to deceit the protocol’s project into releasing Ether (ETHER) and Solana (SOL) tokens way ahead of the input that was provided primitively.
In light of recent events, it has come to notice that the attacker stole digital assets worth $322.8 million at the time of the incident but now have dwindled to $294 million because of the price fluctuations after the news of the hack spread around.
Whilst the protocol’s spokesperson has not yet commented on the mishaps of today, the company has affirmed the attack on their Twitter handle. The company pointed out that the network was exploited for 120k wETH through their tweet and now has put its site down for maintenance while the investigation proceeds.
It has been observed that there has been a theft of 93,000 of the exploited Ethereum (ETH), according to the Etherscan transaction records.
Hacker offered $10 million as ‘bug bounty’ by Wormhole
It has come to light that Wormhole is now requesting the hacker to return the embezzled funds in exchange for a reward of $10 million and also a ‘whitehat contract’ which could mean that a complaint won’t be filed against the hacker by the company.
However, such contracts pardoning hackers are not legal in specific jurisdictions and hence, authorities might still go after the attacker anyway.
Not more than a week ago, an identical attack against a decentralized money market platform, Qubit Finance, took place with the hackers embezzling $80 million.
After confirmation from Wormhole about the sum of stolen funds, this mishap could likely be considered the largest hack of a digital assets platform so far, this year. It could also be the second-largest hack of a DeFi platform in history, according to data from the DeFiYield project.