Skip to content

Wormhole’s $320 million exploit restored by Jump Trading

  • by
  • 2 min read

After suffering one of the worst exploits in the crypto world, Wormhole’s parent company, Jump Trading, has stepped in to replace the lost 120000 ETH coins, potentially saving the platform and preventing widespread damage across the entire DeFi ecosystem. The platform confirmed this with a Tweet on Thursday.

Jump Trading bought Wormhole developer Certus One in August. Jump is also an active investor and trader in Solana DeFi circles, where news of the backstop was well-known. The Wormhole team has stated that a full disclosure report is underway. 

The Wormhole portal was attacked earlier Wednesday using a vulnerability in the ‘smart contracts’ feature that allowed the attacker to get away with assets worth approximately $325 million in crypto. The majority of the stolen funds were moved to the Ethereum chain.

Also read: 23 critical UEFI vulnerabilities found impacting at least 25 computer brands

Funds restored, operations resume

Wormhole confirmed the restoration from Jump, stating that all funds have been restored and that the platform is running again. The attack vector has also been patched. 

These blockchain bridge platforms function by holding an asset into a ‘smart contract’ and then issuing the desired asset wrapped in another chain. Since the exploit minted wrapped ETH on Wormhole, the platform’s real ETH reserves were left unbacked. 

Many investors who have been dealing with low-interest rates are attracted to DeFi platforms thanks to their promise of high returns on savings. However, DeFi platforms have been under constant threat from attackers. 

Timeline of the Wormhole bridge breach

As mentioned above, Wormhole has confirmed that a detailed incident report is in the works. In the meantime, here’s a breakdown of the breach’s timeline.

  • February 2 18:26 UTC: The platform gets breached for 120,000 ETH.
  • February 3: 00:33 UTC: The attack vector gets patched.
  • February 3: 13:08 UTC: The ETH contract gets refilled and all lost ETH is backed one to one. 
  • February 3: 13:29 UTC: Wormhole is operational again.

In the News: Fake job postings stealing money and information; FBI issues warning

Yadullah Abidi

Yadullah Abidi

Yadullah is a Computer Science graduate who writes/edits/shoots/codes all things cybersecurity, gaming, and tech hardware. When he's not, he streams himself racing virtual cars. He's been writing and reporting on tech and cybersecurity with websites like Candid.Technology and MakeUseOf since 2018. You can contact him here: yadullahabidi@pm.me.

>