• Menu
  • Skip to main content
  • Skip to primary sidebar

The Cyber Security News

Latest Cyber Security News

Header Right

  • Latest News
  • Vulnerabilities
  • Cloud Services
Cyber Security News

Online Thieves Steal $320m from Crypto Firm Wormhole

You are here: Home / General Cyber Security News / Online Thieves Steal $320m from Crypto Firm Wormhole
February 3, 2022

Yet a different cryptocurrency company is giving a multimillion-dollar ‘bug bounty’ reward to those people who hacked it right after suffering a cyber-heist really worth an approximated $322m.

Wormhole operates what is regarded as a cross-blockchain bridge, enabling holders of sure cryptocurrencies to transfer tokens, information and other belongings among siloed blockchains. It provides this services to bridge Ethereum, Solana, BSC, Polygon, Avalanche, Oasis and Terra.

In a brief statement late yesterday, the agency tweeted that its network was down though it investigated a possible exploit.

✔ Approved Seller From Our Partners
Mullvad VPN Discount

Protect your privacy by Mullvad VPN. Mullvad VPN is one of the famous brands in the security and privacy world. With Mullvad VPN you will not even be asked for your email address. No log policy, no data from you will be saved. Get your license key now from the official distributor of Mullvad with discount: SerialCart® (Limited Offer).

➤ Get Mullvad VPN with 12% Discount


Then arrived the information that users were dreading: Wormhole confirmed that attackers stole 120,000 Ethereum tokens worthy of above $320m.

Nonetheless, the agency claimed that it would be including additional Ethereum to its platform “over the next hours” to assure any assets it owns are backed 1:1. The anxiety is that without the need of this backing, several Solana end users and platforms would be helpless.

A security researcher likely by the cope with “samczsun” on Twitter has a thorough generate-up of the attack right here, possessing reverse-engineered the exploit. The hacker exploited a vulnerability on the Wormhole system, enabling them to pocket new wrapped Ethereum (wETH) without the need of needing to deposit any in return.

WETH is a version of Ethereum intended to be exchanged with other Ethereum-primarily based tokens and has the very same benefit as ETH.

Just like Qubit Finance a several days ago, Wormhole has reached out to its attacker, providing a huge $10m reward for discovering the bug.

“We discovered you were equipped to exploit the Solana VAA verification and mint tokens. We’d like to offer you you a white hat settlement, and present you a bug bounty of $10m for exploit information, and returning the wETH you’ve minted,” it mentioned in a message on the Ethereum blockchain.

The audacious cyber-heist tends to make this simply the largest theft of cryptocurrency so considerably this calendar year and the most significant these types of incident focusing on cross-blockchain bridges.

In its most the latest update, Wormhole claimed the vulnerability had now been patched, and it was doing work on having the network back again up and operating.


Some pieces of this report are sourced from:
www.infosecurity-magazine.com

Previous Post: «how sspm simplifies your soc2 saas security posture audit How SSPM Simplifies Your SOC2 SaaS Security Posture Audit
Next Post: New SEO Poisoning Campaign Distributing Trojanized Versions of Popular Software new seo poisoning campaign distributing trojanized versions of popular software»

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Primary Sidebar

Report This Article

Recent Posts

  • Enzo Biochem Hit by Ransomware, 2.5 Million Patients’ Data Compromised
  • US and Korean Agencies Issue Warning on North Korean Cyber-Attacks
  • Malicious PyPI Packages Use Compiled Python Code to Bypass Detection
  • New Botnet Malware ‘Horabot’ Targets Spanish-Speaking Users in Latin America
  • The Importance of Managing Your Data Security Posture
  • Camaro Dragon Strikes with New TinyNote Backdoor for Intelligence Gathering
  • Insurers Predict $33bn Bill for Catastrophic “Cyber Event”
  • Chinese Phishing Gang “PostalFurious” Expands Campaign
  • Kaspersky Says it is Being Targeted By Zero-Click Exploits
  • North Korea’s Kimsuky Group Mimics Key Figures in Targeted Cyber Attacks

Copyright © TheCyberSecurity.News, All Rights Reserved.