spot_img
HomeCrypto NewsMarketCrypto Biggest Hack Of 2022, Hackers Abstract 120K WETH Worth $319M From A Cross-Chain Bridge

Crypto Biggest Hack Of 2022, Hackers Abstract 120K WETH Worth $319M From A Cross-Chain Bridge

Date:

Written By:

Latest News

- Advertisement -

On February 3, the Wormhole cross-chain protocol based on Solana was hacked. 

- Advertisement -


A wormhole is a cross-chain messaging protocol that connects high-value blockchain networks.

The attackers took advantage of the exploit and withdrew 120,000 WETH from the project pool (over $319 million).

The transaction can be seen here:

- Advertisement -

https://etherscan.io/tx/0x24c7d855a0a931561e412d809e2596c3fd861cc7385566fd1cb528f9e93e5f14

The developers later reported that the vulnerability was patched, and the team was working on getting the network back up as soon as possible.

CertiK explained that Wormhole smart contracts did not fully validate the input data, which allowed transactions to be initiated with incorrect variables. Thanks to this vulnerability, hackers withdraw 120k WETH to their address.

Certik Finding says:

“The attacker invoked the complete_wrapped instruction with the spoofed inputs `ctx`, `accs` and `data.`

The instruction does not perform complete verification on the correctness of the input `ctx,` `accs,` and `data.`

In this case, the spoofed data will be passed and processed. The mint authority for the Wormhole ETH is a PDA and will sign the “mint” instruction. Lastly, the “invoked_seeded instr” will be successfully triggered and mint Wormhole ETH to the attacker.”

Recall that in January 2022, the founder of Ethereum, Vitalik Buterin, called cross-chain bridges vulnerable due to problems related to the security of assets.

- Advertisement -

Author

More from Author

LEAVE A REPLY

Please enter your comment!
Please enter your name here