Earlier this week, an explosion of on-chain activity was observed at the address associated with the 320 million-dollar Wormhole exploit.
The hacker of Wormhole, one of the largest cross-chain bridges between Solana and other blockchains has transferred stolen cash totalling $155 million in ETH to a decentralized exchange for the first time in months.
CertiK’s blockchain data indicated that 95,630 ETH was transmitted to the OpenOcean DEX before being converted into ETH-pegged assets such as Lido Finance’s staked ETH (stETH) and wrapped staked ETH (wsETH) (wstETH).
The exploiter then utilized the wrapped staked Ether (wstETH) as collateral for a $13 million loan in the stablecoin DAI in order to purchase almost 7,989.5 ETH through KyberNetwor. The deals were performed several times.
Following the unexpected surge in on-chain activity, the team offered the hacker a $10 million bounty in an embedded message in a transaction using the Wormhole: Deployer, which read,
“We would like to reiterate our previous offer of a $10 million bounty for the total return of all the stolen funds. You can reach out to us at [email protected] or reply on chain.”
With the increased activity, Ancilla, a cybersecurity firm, has warned that many of the ad listings displayed by Google for the search “Wormhole Bridge” are phishing websites.
This exploit was one of the most significant cyberattacks of 2022. The hacker took advantage of a flaw in the popular cross-chain protocol’s validation system, allowing them to illegally generate wrapped ETH, which was then converted into ETH.
The hacker stole approximately 120,000 Wormhole Ethereum (WeETH) valued at over $320 million in a series of transactions.