The Solana-based Wormhole Bridge was hacked for $325 million after the attacker managed to exploit a security flaw, making it one of the largest exploits in crypto history.
A year later, a group of white hats, along with two crypto firms, launched a “counter-exploit” against the malicious entities and clawed back a portion of stolen assets tied to the exploit.
“Counter Exploit”
The counter exploit was jointly conducted by the decentralized finance platform Oasis and Web3 infrastructure company Jump Crypto. The latter was Wormhole’s parent company and had previously replaced all the lost funds. The vulnerability was also patched.
Wormhole offered a $10 million bug bounty and white hat agreement to the attackers in exchange for returning the funds, which never transpired. This kicked off an investigation with the help of both government and private resources. Fast forward to 21st February, Oasis received an order from the High Court of England and Wales to take all necessary steps to retrieve assets involved with the wallet address associated with the exploit.
According to a report, $140 million worth of assets were successfully recovered following a counter-exploit. The retrieval was initiated via the Oasis Multisig, and the funds were returned to a court-authorized third party. The counter exploit was only possible with the approval of the Oasis Multisig.
Community Reaction
Despite the retrieval, the community remained divided as the incident unfolded over the weekend. One user pointed out that the entire event sets a bad precedent in the decentralized finance ecosystem. His tweet read,
“w/r/t this Oasis/Wormhole counter exploit that I really didn’t think we’d see court-mandated smart contract manipulation for at least a few more years. Bad precedent and condemnation of upgradable proxies.”
Oasis, however, stressed that the sole intention for granting access was to protect user assets in the event of any potential attack. The platform further asserted that this move allowed the team to quickly fix any vulnerability. It should be noted that at no point, in the past or present, have user assets been at risk of being accessed by any unauthorized party.
Binance Free $100 (Exclusive): Use this link to register and receive $100 free and 10% off fees on Binance Futures first month (terms).
PrimeXBT Special Offer: Use this link to register & enter POTATO50 code to receive up to $7,000 on your deposits.
Read More
Recently, an international team of law enforcement agencies have come together and successfully recovered 140 million dollars worth of stolen assets in what has come to be known as the “Wormhole Bridge Exploit”.
This was a daring operation which required highly coordinated efforts from various teams located around the world to prevent further loss of assets.
The intended target of the attack was a well-known blockchain network that specializes in digital currency trading. This particular blockchain network is used by a vast number of users to securely perform transactions online and store digital assets.
What made this attack unique was the way the criminals used a wormhole bridge exploit to siphon off digital assets from victims. The malicious actors used this tool to bypass security protocols by linking two distinct blockchain networks together – one that contains the stolen assets and another that has no security protocols whatsoever.
In essence, the stolen digital assets were transferred between two different networks, making it almost impossible to trace their origins and destination.
Fortunately, the law enforcement agencies had the presence of mind to act quickly and they were able to identify and apprehend the perpetrators before they could move away with the stolen assets. Thanks to their efforts, 140 million dollars worth of digital assets were recovered and returned to their rightful owners.
The Wormhole Bridge Exploit case is a stark reminder that even the most secure of systems can fall prey to determined criminals. It is therefore important for companies and individuals using digital assets to undertake necessary steps to ensure their security is not compromised and their assets remain safe.
We applaud the law enforcement members and agencies where ever they are for their quick action and diligence for ensuring justice gets served.
