Hackers steal $320 million from blockchain bridge Wormhole

moneycontrol.com:

Around 120,000 “wrapped ethereum” (WETH) tokens, valued at around $320 million, have been stolen from the Wormhole portal, which allows easy transfer of cryptocurrencies and non-fungible tokens (NFTs) between solana and ethereum blockchains.

A CNBC report described it as the second-biggest “decentralised finance (DeFI) heist” after the $600-million Poly Network crypto steal last year. The report also said it was the largest attack on solana, which is gaining popularity in NFT and DeFI spaces.

Wormhole, which works closely with other chains like Avalanche, Binance Smart Chain, Oasis, Polygon, and Terra, allows users to take "wrapped" assets from one chain or platform and use them on another.

By doing so, users can take advantage of lower fees across various platforms. Launched in August 2021, Wormhole holds around $1 billion in deposited funds.

Wrapped assets refer to cryptos that are wrapped or enclosed in a digital vault. The value of these assets is pegged to the value of another crypto or assets like gold, stocks, or more.

To transact on DeFi platforms with these wrapped assets, a new token is minted. In this case, the crypto exploited ie wrapped ether tracks ethereum, the second-largest cryptocurrency by market capitalisation.

To get ethereum into solana, users must first lock it into a smart contract and then get an equivalent amount in wrapped ethereum. Thereafter, they can trade WETH for solana-based tokens.

Hackers were able to bypass the process to mint WETH tokens without having to lock up ethereum.

The users were notified about the hacking on February 2 by developers representing Wormhole, saying the network was "down for maintenance" following a potential network hack.

Later, a message on the ethereum blockchain