Wormhole, a popular cross-chain crypto bridge between suntrap, Ethereum, Avalanşă, and others, has restored its missing funds after a hacker yesterday managed to siphon 320 de milioane de dolari în Wrapped Ethereum (wETH) out of the protocol.
wETH in Wormhole is a cryptocurrency pegged to the price of Ethereum but interoperable with other networks. To create wETH, users must first stake Ethereum.
The Wormhole team announced on Twitter today that “All funds have been restored and Wormhole is back up.” In a follow-up tweet, they said they fixed the vulnerability shortly after midnight UTC, and “all wETH are backed up 1:1” as of 13:08 UTC.
Echipa lucrează la un raport detaliat al incidentului și îl va distribui cât mai curând posibil
18:26 UTC – contractul a fost exploatat pentru 120k ETH
00:33 UTC – vulnerabilitatea a fost corectată
13:08 UTC – Contractul ETH a fost completat și toate WETH sunt susținute 1:1
13:29 UTC – Portalul (token bridge) este înapoi
— Wormhole 🌪 (@wormholecrypto) 3 Februarie 2022
Blockchain analytics site Eliptice concluded that the exploit was due to Wormhole’s failure to validate “guardian” accounts, resulting in the attacker being able to mint 120,000 wETH with no ETH backing it.
The hacker then exchanged 93,750 wETH for Ethereum and changed the remainder for Solana, which they’ve left untouched in their Solana wallet.
Who restored the funds?
After Wednesday’s hack, Wormhole a trimis un mesaj to the attacker on the Ethereum blockchain.
It said: “This is the Wormhole Deployer: We noticed you were able to exploit the Solana VAA verification and mint tokens. We d [sic] like to offer you a whitehat agreement, and present you a bug bounty of $10 million for exploit details, and returning the wETH you’ve minted.”
Half an hour later, the team tweeted that Wormhole was “down for maintenance as we look into a potential exploit.”
‼️ Rețeaua de găuri de vierme este oprită pentru întreținere, în timp ce analizăm o posibilă exploatare.
📢 Vom oferi actualizări aici de îndată ce le vom avea.
🙏 Vă mulțumim pentru răbdare.
— Wormhole 🌪 (@wormholecrypto) 2 Februarie 2022
Wormhole then broke news of the exploit on Twitter, adding, “ETH will be added over the next hours to ensure wETH is backed 1:1. More details to come shortly.”
Rețeaua de găuri de vierme a fost exploatată pentru 120k wETH.
ETH va fi adăugat în următoarele ore pentru a vă asigura că wETH este susținut 1:1. Mai multe detalii vor veni în curând.
Lucrăm pentru a reporni rapid rețeaua. Mulțumesc pentru răbdarea dvs.
— Wormhole 🌪 (@wormholecrypto) 2 Februarie 2022
Cross-chain attacks
Attacks on cross-chain bridges are multiplying as more blockchains become popular. Last week, a cross-chain bridge in DeFi protocol Qubit was piratat pentru 80 de milioane de dolari.
The week before that, S-au scurs 3 milioane de dolari by multiple hackers attacking cross-chain router protocol Multichain. A whitehat hacker later returned $900,000 of it, but the rest is still unaccounted for.
Clearly, cross-chain vulnerabilities have to be addressed if this is not to become a weekly occurrence.
Source: https://decrypt.co/91962/crypto-bridge-wormhole-replenished-after-hack-320m-ethereum
- "
- 000
- 11
- Acord
- TOATE
- Google Analytics
- a anunțat
- fiind
- blockchain
- POD
- Bug
- contract
- Cross-Chain
- cripto
- cryptocurrency
- DEFI
- jos
- Eliptice
- ETH
- ethereum
- Etanșul blocului
- Exploata
- First
- Fondurile
- tutore
- hack
- hacker
- hackeri
- aici
- HTTPS
- IT
- LINK
- milion
- reţea
- rețele
- ştiri
- oferi
- Altele
- Popular
- Portal
- prezenta
- preţ
- protocol
- furniza
- raportează
- REST
- Said
- Distribuie
- suntrap
- miză
- astăzi
- semn
- indicativele
- tweet
- stare de nervozitate
- actualizări
- utilizatorii
- UTC
- Verificare
- Vulnerabilitățile
- vulnerabilitate
- săptămână
- săptămânal
- de lucru