Written by Tonya Riley
Feb 3, 2022 | CYBERSCOOP
A hacker stole $320 million worth of Ethereum cryptocurrency from a decentralized finance platform Wormhole on Wednesday. The attack is the largest against the cryptocurrency industry so far in 2022 and one of the top hacks of the industry to date.
As of Thursday morning, all of the stolen funds were “restored,” the trading platform was back up, and an incident report was coming soon, according to tweets by the company. The vulnerability used by the attacker had been fixed, Wormhole said late Wednesday.
The platform allows users to send Ethereum and Solana cryptocurrencies across two different blockchains. A preliminary analysis of the attack by blockchain security firm CertiK shared with CyberScoop found that the hacker was able to exploit a vulnerability that allowed it to create a fake Solana transfer that it used to claim real Ethereum.
“We seem to be at an awkward point where the demand for cross-chain infrastructure is far outpacing the industry’s ability to build services securely.” Connie Lam, head of CertiK incident response team, wrote in an email to CyberScoop. Lam says that bridges are an attractive target because they operate across multiple chains