Blockchain Bridge ‘Wormhole’ Suffers Possible $326 Million Exploit

Wormhole, the popular blockchain bridge for connecting Ethereum, Solana and others, has suffered a possible hack worth over US$326 million and is now attempting to negotiate on-chain with the hacker.

120,000 ETH Currently in Hacker’s Address

The team at Wormhole has reached out to the exploiter’s address on the Ethereum network and offered a US$10 million bounty for returning the money:

In a tweet, Wormhole confirmed that the bridge was down while the team investigated a potential exploit. The bridge’s official website simply reads: “Portal is temporarily unavailable”.

The hack was identified when on-chain analysts called attention to an 80,000 ETH transaction from Wormhole to an address currently also in possession of over US$250 million worth of ETH. According to the developer, the hacker also kept 40,000 ETH on Solana, where they have been selling for other assets.

In a tweet, prominent pseudonymous Paradigm security researcher “samczsun” confirmed that the Wormhole team had offered the hacker(s) a bounty for returning the stolen funds:

Exploit Sounds Alarm in the DeFi World

The exploit has caused alarm in DeFi circles because it means Ethereum that has been bridged to Solana may be unbacked. Cross-blockchain bridges often take assets, such as Ethereum, and lock them in a contract to issue a parallel asset on the bridge’s chain.

Massive Exploits Continue to Plague the Industry

Earlier this month, decentralised lending platform Qubit Finance suffered a hack of its smart contract governing deposits on the Ethereum-Binance Smart Chain bridge, losing 206,809 BSC in the biggest hack of the year so far. Last October, CREAM Finance was exploited for a third time during 2021 for a whopping US$130 million.