How did the Wormhole hack happen and what does it mean for investors using any of the blockchains it bridges—like Ethereum, Solana, and Polygon?
Wormhole hackers made off with 120,000 Ether.
On Feb. 2, crypto company Wormhole wrote on Twitter, “The wormhole network is down for maintenance as we look into a potential exploit. We will provide updates here as soon as we have them.”
Shortly after, reports came to light that hackers made off with 120,000 Ether, or about $320 million.
The stolen cryptocurrency came in the form of wETH, which is Wormhole’s token that trades on the Ethereum blockchain. Wormhole’s token is designed to operate on a 1:1 value equivalency with Ether, but wETH inflated when hackers cashed out 120,000 tokens. As a result, Wormhole was required to add Ether to balance the values between the assets.
What does Wormhole do?
Wormhole is a blockchain bridge, which means that it’s a protocol that supports the integration of different blockchains—Terra, Solana, Ethereum, Binance Smart Chain, Avalanche, and Polygon. People can use Wormhole to integrate apps to live across chains simultaneously. Also, Wormhole-wrapped NFTs are a thing.
When you think about how interconnected Wormhole is with the rest of the crypto ecosystem, a hack this size feels that much more threatening.
Wormhole isn't the only DeFi hack.
The week before the Wormhole hack, another exploit cost a DeFi platform big. Hackers nabbed $80 million in assets from Qubit Finance.
The Wormhole hack is the result of a three-part transaction that took place on the Wormhole bridge. About an hour after the last transaction, Wormhole offered the hackers $10 million to return the tokens in a white-hat agreement. Sometimes, hackers will exploit DeFi technology to make the platforms aware of their vulnerabilities and accept a reward in return for the stolen tokens.
Whatever the case, Wormhole found 120,000 Ether somewhere. Users' funds have been restored, which was Wormhole’s biggest concern at the time. Now, the bridge is focused on continuing negotiations and patching vulnerabilities.