Wormhole Hacker Transfers Additional $61 Million In Ether

• What – A recent report reveals that the hacker who stole 120,000 ETH from Wormhole Bridge last year has moved $61 million worth of Ethereum.
• Why – PeckShield, a blockchain security firm, revealed that the hacker moved part of the assets to an Ethereum-based decentralized protocol MakerDAO.
• What Next – DeFi hack exploitations are still prevalent, even with several firms re-enforcing security on their platforms.

Wormhole Hacker Moves $216 million From $320 Million Stolen Funds

Previously, on February 2, 2022, Wormhole, a Solana bridge, reported a loss of $320 million in assets to a hack attack. Wormhole’s team posted an update via Twitter, stating that a hacker compromised their bridge network and stole 120,000 wrapped ETH. The Wormhole attack was one of the highest hack exploitation of DeFi in 2022.

The wormhole network was exploited for 120k wETH.

ETH will be added over the next hours to ensure wETH is backed 1:1. More details to come shortly.

We are working to get the network back up quickly. Thanks for your patience.

— Wormhole🌪 (@wormholecrypto) February 2, 2022

After tracing the hack receiver wallet, Wormhole developers offered a $10 million bounty in return for the stolen assets, but the hacker remained silent. Instead, he left the wallet dormant for one year before moving 95,630 ETH worth $155 million for the first time in January. According to CertiK Alert, the hacker sent the 95,630 ETH to the OpenOcean DEX before converting them to ETH-pegged assets.

Per PeckShield’s report, the Wormhole hacker has moved another $61 million from the stolen funds after the first transfer in January. The report stated that the hacker exchanged the funds for algorithmic Stablecoins DAI and Staked ETH (stETH) in batches. In the first batch, he moved $46 million worth of assets, including 24,400 wrapped staked Ether (wstETH) worth $41.4 million and 3,000 Rocket Pool ETH worth $5 million.

The hacker swapped some of the tokens for 16.6 million DAI and used the funds to buy 7,750 ETH (at $1,537 each) and 1000 stETH at $1,543 each. After the purchase, he wrapped the tokens for 9,700 wstETH.

PeckShield further stated that the hacker moved another 8,800 wstETH worth nearly $15 million to MakerDAO. Cumulatively, the Wormhole hacker has moved $216 million out of the $320 million stolen assets deposited in the hacker’s wallet.

During the first transfer in January, Wormhole developers again offered a $10 million bounty in a message implanted in one of the transactions, but the hacker never responded.

Other Recent Solana-Based DeFi Exploits

Hack exploits are no new occurrences in the DeFi ecosystem. However, according to statistics, DeFi platforms recorded the highest number of hack exploitations over the past year, with Wormhole as one of the biggest in 2022.

In December 2022, a Solana decentralized exchange Raydium reported a hack attack of over $2 million. According to the report, the hacker took control of the crypto exchange’s admin address and moved the funds. 

In Raydium’s tweet, the firm provided a link to the hacker’s account, which held $1.45 million worth of Solana-based tokens at the time. Per Solscan on-chain data, the hacker’s balance contained about $1.4 million in SOL and $44,000 in SPL tokens.

A blockchain intelligence service provider, Arkham, said that the Solana account had previously drained many liquidity pools on Raydium. 

The firm recommended that users withdraw their funds from Raydium quickly till further notice. However, further investigation by an on-chain investigator, ZachXBT, revealed the hacker had already bridged about $2 million in assets to Ethereum.

Due to these hack attacks, many cryptocurrency platforms have started implementing new features to enhance security and protect user assets.