Solana: hackers steal 320 million from Wormhole bridge

The Wormhole bridge, which connects the Ethereum blockchain to the Solana blockchain, was successfully attacked by hackers

Solana, hackers hit the Wormhole bridge

The news was published on Wormhole’s Twitter profile, reporting that the hacker managed to get hold of 120,000 wETH.

The wETH tokens represent ETH on Solana, so they should have the same value as ETH. 120,000 wETH would therefore currently correspond to approximately 320 million dollars. 

In order to prevent wETH from losing the “peg” with ETH, the Wormhole team has promised to intervene by expanding the collateral with additional ETH to secure the 1:1 exchange rate.

A few hours after the news of the attack, the Wormhole team reported that they have identified and fixed the problem, and that the network will be restored shortly. 

Solana Warmhole
A Solana bridge has been hacked

Wormhole’s problems

The issue now is the exchange rate between wETH and ETH, as Wormhole may not be able to guarantee parity. 

The exploit was disclosed by security researcher Paradigm samczsun, and a message, probably from the same Wormhole team, also appeared on the Ethereum blockchain, saying: 

“We noticed that you were able to exploit the Solana VAA verification and mint tokens. We would like to offer you a whitehat agreement, and present you a bug bounty of $10 million for exploit details, and returning the wETH you have minted”.

VAA verification is “validator action approval” referring to the process by which transactions are approved on Solana. 

Wormhole’s bridge not only connects Ethereum’s blockchain to Solana’s, but also to those of Binance Smart Chain, Polygon, Terra, Avalanche and Oasis. 

The hypothesis is that the hacker managed to retrieve 120,000 wETH tokens on Solana’s blockchain without depositing due collateral, i.e. out of thin air. The problem is that now, to ensure that all wETH tokens on Solana have the value of 1 ETH, 120,000 ETH will need to be deposited on the Wormhole smart contract. 

Moreover, this is not the first problem Solana has had lately, which apparently is often the target of hackers’ attention.


Source: https://en.cryptonomist.ch/2022/02/03/solana-hacker-320-million-bridge-wormhole/