Leaders at the firm announced that millions of dollars worth of cryptocurrency were stolen from accounts on Crypto Platform Wormhole Wednesday night. These funds have been returned to users.
Wormhole, also known as Decentralized Finance, allows users to exchange solana for other cryptocurrencies via decentralized apps or dApps across the ethereum cryptocurrency network. This is known as a “blockchain Bridge” service.
Wormhole’s bridge platform hack was first reported by Wormhole on Wednesday night. Wormhole stated that the company’s system had been taken offline temporarily to allow its maintenance team to “look into a possible exploit.” The company later tweeted that hackers had stolen 120,000 wrapped ethereum tokens (or wETH) valued at around $320 million. Wrapped ethereum, which is basically the tradable form of ethereum currency, is what it is. Wormhole stated in a tweet that any wETH taken in the hack would replace it with plain (nonwrapped) tokens of ethereum.
Wormhole announced that all funds had been restored and that the system was back to normal on Thursday. Wormhole did not explain how or if it was able retrieve the stolen funds, or why the hack occurred.
CBS MoneyWatch reached out to the firm but did not receive a response.
According to Elliptic, a London-based blockchain analysis firm, Wormhole, the Wormhole team offered $10 million in return for information on the hacker’s execution and the return of stolen assets.
Elliptic stated that the Wormhole incident was caused by hackers creating a fake account and using it to create their own Ethereum tokens. Users are required to create a guardian account on DeFi platforms such as Wormhole before they can use it to store cryptocurrency. This is a safer option that requires two-step authorization.
Elliptic stated in a blog post that the exploit was due to Wormhole’s failure validate guardian accounts. This allowed the attacker to make 120,000 ETH from thin air. This adds to the over $2 billion in direct losses that DeFi services have suffered due to hacks or exploits.”
Wormhole is the second largest DeFi hack and the largest in 2022. Hackers stole $611 million from crypto exchange Poly Network last August. The hackers responsible for the hack eventually returned all of their money.
Qubit Finance, a DeFi platform, had $80 million worth binance coin stolen by hackers last month. Qubit Finance has requested the hacker to return funds but to no avail.
Crypto.com reported that a hacker stole $30 million from customers last month. According to a statement posted by the Singapore-based crypto exchange on its corporate blog, hackers managed to bypass its 2-factor authentication system and withdraw funds to 483 customer accounts.
Wormhole’s story is a prime example of why financial professionals advise clients to avoid investing large amounts of money in cryptocurrency. Ryan Firth, a Texas financial planner with Mercer Street Financial, stated that Wormhole and Qubit are all tales of buyer beware.
Firth stated that it just showed that decentralized finance (DeFi), is still in its infancy. He also said that code flaws could lead to loss of invested assets. The moral of the story is to not invest more than what you are willing to lose in crypto.
While cryptocurrency is growing in popularity it has been left unregulated in America. Gary Gensler, Chair of the U.S. Securities and Exchange Commission, stated last year that cryptocurrency is “rife” with fraud, scams, and abuse and “more like a Wild West.” Gensler stated that cryptocurrencies are not registered securities and don’t have proper disclosures or market oversight. He said that this leaves prices vulnerable to manipulation and leaves investors exposed.
Gensler stated that although the SEC has won numerous cases against fraudsters in its case, the agency still needs to be given more authority by Congress to regulate crypto markets.
