BlocksInform
The protocol vortex underwent a significant hack after an attacker exploited a vulnerability in the protocol and stole nearly $323 million worth of eth. The vortex acts as a bridge between the ethereum and solana blockchain, enabling users to convert one cryptocurrency into another.
Details about the hack.
Although it is not fully clear how the attacker performed the attack, evidence suggests the attacker exploited the process by which the bridge converts a cryptocurrency into a temporary token, which may then be converted to the desired exit currency.
The hacker used the same process and misled the protocol by releasing ground and eth tokens, this makes the protocol free of much larger output tokens than the ones originally provided by the hacker and successfully steals eth worth $322.8 million. As a result of price movements, stolen cryptocurrency has since depreciated to $294 million.
The details of the hack were further explained on a Twitter thread by Kelvin Fichter, who detailed exactly how the hacker exploited the vulnerability and drained out ETH.
Wormhole Patches Vulnerability
Wormhole has so far not commented on the developments but confirmed the attack on Twitter while also stating that it would be putting its network on maintenance mode as it investigated the attack. The protocol tweeted,
“The wormhole network is down for maintenance as we look into a potential exploit. We will provide updates here once we have them. Thanks for your patience."
The protocol also shared some details concerning the hack, claiming that the network was exploited for 120k weth. He said he would add eth within the next few hours and ensure weth will be available 1:1. Several hours later, the protocol went back on twitter to reassure users that it had corrected the vulnerability, the team working on the setting up and functioning of the network.
An Emerging Trend
Tal Be’ery, ZenGo CTO, stated that the hack was part of an emerging trend where hackers have been exploiting vulnerabilities in blockchain bridges. A week ago, Qubit Finance fell victim to a similar hack where a hacker stole 80 million dollars. Speculation is widespread that the wormhole is likely the largest hack involving a cryptocurrency platform during the year and the second largest hack of a decentralized financial platform.
Wormhole Issues Appeal
Wormhole, on its part, issued an appeal to the hacker, asking them to return the stolen funds in exchange for a $10 million reward and a whitehat contract. This means the wormhole would not file any criminal complaint or action against the hacker. However, it is important to remember that the authorities could always decide to pursue the hacker in all cases, regardless of the vortex refusing to pursue the issue.
