Wormhole, an online cryptocurrency trading platform, fell victim to a hack on Wednesday. Criminals have stolen 120,000 digital tokens that together are worth about 320 million dollars. This is equivalent to approximately 283 million euros. This puts the Wormhole heist at number three of the largest digital bank robberies to date.
Blockchain researchers from the company Elliptic say the hackers were able to create fraudulent wETH tokens. They transferred nearly 94,000 of these to the Ethereum blockchain. In this way, the hackers created the 120,000 Ethereum tokens from scratch.
This action was possible because Wormhole didn’t have a good way to validate so-called ‘guardian accounts’. These are the accounts that are allowed to ‘mint’ new tokens, as the creation of tokens is called.
Wormhole has offered the hacker ten million dollars to transfer all the stolen money back. The platform made this offer through an Ethereum transaction. It stated the following:
“ This is the Wormhole Deployer: We noticed you were able to exploit the Solana VAA verification and mint tokens. We d like to offer you a whitehat agreement, and present you a bug bounty of $10 million for exploit details, and returning the wETH you ve minted. You can reach out to us at firstname.lastname@example.org. †
The cybercriminal did not respond to this. Wormhole does report that the weak point in the system has since been repaired.
Jump Trading assists
On Thursday, the cryptocurrency division of the trading company Jump Trading jumped in. Jump Trading transferred more than $320 million in cryptocurrency to Wormhole following the hack.
Jump Crypto, as the department is called, gave the following reason for this action on Twitter: “ Jump Crypto believes in a multichain future and that Whormhole is essential infrastructure. That’s why we replaced 120k ETH to make community members whole and support Wormhole now as it continues to develop. †
It is not surprising that Jump Trading helps the platform. In August, this Chicago-based company acquired Certus One. Certus One is the developer of Wormhole.
Crypto platforms are at high risk
Many people put money into crypto through ‘Decentralized Finance (DeFI)’ websites, such as Wormhole. These websites are therefore being developed at a rapid pace. The problem with this is that they are not immediately well protected against cybercrime. Together with the large amounts of money circulating on the websites, they make an interesting victim for criminals.
Fraud and theft on DeFi platforms surpassed $10 billion by 2021. The biggest hack took place in August. Then hackers stole about 610 million dollars (540 million euros) from the DeFi platform Poly Network. In the end, the perpetrators paid back most of this amount.
The second-largest hack took place in 2018. When USD 530 million was stolen from the Coincheck platform from Tokyo.
Catch up on more articles here
Follow us on Twitter here