Wormhole’s recent exploit exposed the vulnerabilities in cross-chain bridges

By Sam Grant
  • An attack on the Wormhole Token Bridge left it short of 120,000 wETH.
  • Wormhole's parent company has since restored the stolen tokens.

On Wednesday, smart contract bridge platform Wormhole was targeted by an exploit through which an attacker minted and made away with 120,000 wETH tokens.

After confirming on Thursday morning that the vulnerabilities had been remedied, Wormhole said later in the day that the more than $320 million worth of wETH lost to the exploit had been recovered.  

"All funds have been restored and Wormhole is back up. We're deeply grateful for your support and thank you for your patience," a tweet from the team read.

The Wormhole team also told users that it was preparing an incident report on the matter, and it would release it soon.

Jump Capital, which purchased Wormhole's developer Certus One last August, stepped in and has confirmed that it is the entity that replaced the stolen tokens – an essential move in preventing the community from spiralling into chaos over unbacked ETH.

"Jump Crypto believes in a multichain future and that Wormhole is essential infrastructure. That's why we replaced 120k ETH to make community members whole and support Wormhole now as it continues to develop."

Notably, the attack qualified as the second-largest single loss in DeFi history and the fourth largest across the cryptocurrency space.

How the exploit occurred

The Wormhole deployer first noticed the exploit on Wednesday night, after which its team told the community that it was taking down its website for maintenance over a potential hack. Around 18:24 UTC, the hacker targeted Wormhole's Solana VAA verification and was able to mint the 120,000 wETH tokens.

"The wormhole network was exploited for 120k wETH. ETH will be added over the next hours to ensure wETH is backed 1:1. More details to come shortly. We are working to get the network back up quickly. Thanks for your patience," the team explained.

The attacker redeemed 93,750 tokens into Ether and used part of the amount to acquire other tokens, including Bored Ape Yacht Club Token (APE) and Finally Usable Crypto Karma (FUCK). The remaining wETH was flipped for SOL and USDC.

Following the hack, a blockchain message shows that Wormhole extended a hand to the attacker and was ready to part with $10 million as part of a Whitehat settlement.

"We noticed you were able to exploit the Solana VAA verification and mint tokens. We'd like to offer you a Whitehat agreement and present you a bug bounty of $10 million for exploit details, and returning the wETH you've minted. You can reach out to us at [email protected]," the message read.

The smart contract ranking platform CertiK has warned that the same vulnerabilities that exposed the Solana bridge could be present on Wormhole's Terra bridge. Last month, Ethereum co-founder Vitalik Buterin warned that cross-chain bridges were not secure and could be susceptible to attacks.