TokenInsight news, On Feb2, 2022, Wormhold network was hacked and the attacker mint 120k WETH on Solana without any ETH backed. The attacker then bridged 93.75k ETH to Ethereum network. Jump Crypto later announced that it would recapitalize weETH to make it fully backed. The total duration of the incident was ~16 hours.
What happened:
Wormhole network is operated by 19 Guardians that validate funds deposit on one chain and insurance on another chain.
1. 18:24 UTC - An attacker exploited a vulnerability in the Solana-side Wormhole contract and tricked it into minting 120,000 weETH. The attacker redeemed 93.75k weETH back to ETH and swapped the rest into SOL.
2. 19:07 to 19:20 UTC - The unusual transactions were noticed by Wormhole contributors and incident confirmed, holding emergency call with Jump Crypto, Neodyme, major stakeholders, researchers.
3. 19:33 to 20:14 UTC - Bug fixing and testing.
4. 20:15 UTC - A proposal to send $10m to the attacker if he/she can send the weETH back. And, got no response.
5. 13:08 UTC - Jump Crypto replenished the contract with 120k ETH, restoring full collateral.
6. Until 13:29 UTC - The vulnerability was fixed and Wormhole network was back online.
The root cause of the exploit was a bug in the signature verification code of the core Wormhole contract on Solana. This bug allowed the attacker to forge a message from the Guardians to mint Wormhole-wrapped Ether.
Source Security Incidents
Get the most concise crypto news, research, and insights by subscribing to our free newsletter.