A hacker made off with approximately US$300 million (~RM1.25 billion) worth of cryptocurrency recently, after it successfully hacked into the cryptocurrency portal, Wormhole. In total, the hacker stole close to 120000 wETH, a one-to-one exchangeable token with Ethereum, making it the fourth-largest crypto heist of all time. Wormhole confirmed that it had been hacked, along with the stolen amount.
As a quick primer, Wormhole is a crypto network that enables users to transfer their cryptocurrencies between a variety of cryptocurrencies and blockchains, including Ethereum, Solana, and Terra. As for how it works, the platform essentially puts users’ tokens into a smart contract within a departing chain, followed by the minting of the “wormhole wrapped” token, on the destination chain. From there, the token can then be exchanged for native tokens on the destination chain.
The wormhole network was exploited for 120k wETH.
ETH will be added over the next hours to ensure wETH is backed 1:1. More details to come shortly.
We are working to get the network back up quickly. Thanks for your patience.
— Wormhole🌪 (@wormholecrypto) February 2, 2022
This complicated process was also how the hackers managed to scurry off with the 120000 units of wETH. According to PC Gamer, the hacker exploited a loophole in the minting and wrapping process, but more specifically, they managed to mint the wrapped coins on a network they didn’t have to transfer, which in this case was the Solana network and the cryptocurrency SOL. One equally important point to note here is that, while hacking the network, the hacker had to ensure that the value between the stolen wrapped tokens and those of the blockchains maintained a 1:1 value. Otherwise, they run the risk of losing money during the transfer.
The investigation inside Wormhole Bridge
The attacker invoked the complete_wrapped instruction with the spoofed inputs `ctx`, `accs` and `data`
The instruction does not perform complete verification on the correctness of the input `ctx`, `accs`, and `data`. pic.twitter.com/IQAEqvphBO
— CertiK Security Leaderboard (@CertiKCommunity) February 3, 2022
At the time of writing, the stolen funds have reportedly been divided up and exchanged, with around 93000 minted tokens having been exchanged for Ethereum. Additionally, Jump Crypto, the cryptocurrency arm of Jump Trading, also jumped in to help Wormhole by replacing the stolen cryptocurrency.
If you wish to learn how the hacker exploited Wormhole’s security, security experts at Certik actually posted a step-by-step analysis of the process via its official Twitter account. So, you can check that out if you’re interested.