The Solana-based Wormhole Bridge was hacked for $325 million after the attacker managed to exploit a security flaw, making it one of the largest exploits in crypto history.
A year later, a group of white hats, along with two crypto firms, launched a “counter-exploit” against the malicious entities and clawed back a portion of stolen assets tied to the exploit.
“Counter Exploit”
The counter exploit was jointly conducted by the decentralized finance platform Oasis and Web3 infrastructure company Jump Crypto. The latter was Wormhole’s parent company and had previously replaced all the lost funds. The vulnerability was also patched.
Wormhole понуди a $10 million bug bounty and white hat agreement to the attackers in exchange for returning the funds, which never transpired. This kicked off an investigation with the help of both government and private resources. Fast forward to 21st February, Oasis добиени an order from the High Court of England and Wales to take all necessary steps to retrieve assets involved with the wallet address associated with the exploit.
Според пријавите, $140 million worth of assets were successfully recovered following a counter-exploit. The retrieval was initiated via the Oasis Multisig, and the funds were returned to a court-authorized third party. The counter exploit was only possible with the approval of the Oasis Multisig.
Реакција на заедницата
Despite the retrieval, the community остана divided as the incident unfolded over the weekend. One user pointed out that the entire event sets a bad precedent in the decentralized finance ecosystem. His чуруликам читај
“w/r/t this Oasis/Wormhole counter exploit that I really didn’t think we’d see court-mandated smart contract manipulation for at least a few more years. Bad precedent and condemnation of upgradable proxies.”
Oasis, however, stressed that the sole intention for granting access was to protect user assets in the event of any potential attack. The platform further asserted that this move allowed the team to quickly fix any vulnerability. It should be noted that at no point, in the past or present, have user assets been at risk of being accessed by any unauthorized party.
Binance Free 100 $ (ексклузивно): Користете ја оваа врска да се регистрирате и да добиете бесплатни $100 и 10% попуст на таксите на Binance Futures првиот месец (услови).
PrimeXBT Специјална понуда: Користете ја оваа врска да се регистрирате и да го внесете кодот POTATO50 за да добиете до 7,000 УСД на вашите депозити.
Source: https://cryptopotato.com/wormhole-bridge-exploit-140m-worth-stolen-assets-recovered/