CFDs are complex instruments and come with a high risk of losing money rapidly due to leverage. 75% of retail investor accounts lose money when trading CFDs with this provider. You should consider whether you understand how CFDs work and whether you can afford to take the high risk of losing your money.
US English

Jump Crypto mitigates devastating impact of Wormhole hack

By Debabrata Das

08:11, 4 February 2022

Artist impression of a wormhole
The blockchain bridge Wormhole secured 120,000 ETH to replace the cryptocurrency stolen by hackers – Photo: Shutterstock

Popular blockchain bridge Wormhole, which connects ethereum, solana and other cryptocurrencies, secured a $320m (£236m) bailout from the crypto arm of US-based trading platform Jump Trading hours after hackers stole wETH tokens worth the same amount from blockchain bridge.

Jump Crypto, the cryptocurrency arm of Jump Trading, said in a tweet that it believes “in a multichain future” and that Wormhole is “essential infrastructure”. It confirmed in the tweet that it had replaced the stolen cryptocurrency in the form of 120,000 ETH to make sure Wormhole “continues to develop”.

Only hours before Jump Crypto’s support, Wormhole had said in a tweet that hackers had stolen 120,000 wETH or wrapped ETH. The blockchain bridge had said that it was working to restore the funds via ETH. Just before confirming the replacement of the ETH from Jump Crypto, Wormhole also said that the vulnerability that the hackers exploited had been patched.

Devastating consequences averted

According to London-based cryptocurrency analysis firm Elliptic, the exploit resulted from Wormhole’s “failure to validate ‘guardian’ accounts” that allowed hackers to “mint” 120,000 ETH out of thin air.

Elliptic also said that Wormhole had offered the hackers a $10m bounty to return the funds.

The attack could have been devastating for Solana, according to Chainalysis, a cryptocurrency research firm. “Yesterday’s hack meant that $320m of wETH on the Solana blockchain was unbacked for a period of time. If the wETH wasn’t backed up with Ether, it would mean that a number of Solana-based platforms that accept wETH as collateral would become insolvent,” the firm said in a note.

XRP/USD

0.60 Price
-0.140% 1D Chg, %
Long position overnight fee -0.0753%
Short position overnight fee 0.0069%
Overnight fee time 21:00 (UTC)
Spread 0.01168

US100

19,526.60 Price
-1.140% 1D Chg, %
Long position overnight fee -0.0263%
Short position overnight fee 0.0041%
Overnight fee time 21:00 (UTC)
Spread 7.0

BTC/USD

66,757.45 Price
-0.960% 1D Chg, %
Long position overnight fee -0.0616%
Short position overnight fee 0.0137%
Overnight fee time 21:00 (UTC)
Spread 106.00

Gold

2,401.36 Price
-1.830% 1D Chg, %
Long position overnight fee -0.0198%
Short position overnight fee 0.0116%
Overnight fee time 21:00 (UTC)
Spread 1.20

DeFi attacks increasing

“We could have seen users rush to sell their wETH, causing its value to crash, which would have serious implications for the Solana blockchain and extensive DeFi ecosystems built on top of it, as many of these protocols rely on wETH to back assets issued to users. And in fact, we did see a 13.5% dip in Solana’s price last night, which many attribute to concerns around the hack,” the note added.

The attack on Wormhole is the latest in an ever-growing spate of hacking attacks on decentralised finance (DeFi) platforms. Data from Elliptic showed that DeFi platforms have lost more than $2bn in direct losses from hacks and exploits.

According to Chainalysis, the last major attack on a DeFi platform was as recent as August 2021 in which hackers stole $610m from the Poly Network. In that case, however, hackers returned almost the entire funds that were stolen.

Rigorous code audits needed

Chainalysis says that the attack on Wormhole shows the hacker sophistication that smart contract developers need to defend against.

The firm suggests rigorous code audits to become the gold standard, both for building protocols and investors evaluating them. “Over time, the strongest, safest smart contracts can serve as templates for developers to build from, such as those offered by the Open Zeppelin Project,” Chainalysis added.

Rate this article

Related reading

Capital Com is an execution-only service provider. The material provided in this article is for information purposes only and should not be understood as investment advice. Any opinion that may be provided on this page does not constitute a recommendation by Capital Com or its agents and has not been prepared in accordance with the legal requirements designed to promote investment research independence. While the information in this communication, or on which this communication is based, has been obtained from sources that Capital.com believes to be reliable and accurate, it has not undergone independent verification. No representation or warranty, whether expressed or implied, is made as to the accuracy or completeness of any information obtained from third parties. If you rely on the information on this page, then you do so entirely at your own risk.

Still looking for a broker you can trust?

Join the 630,000+ traders worldwide that chose to trade with Capital.com

1. Create & verify your account 2. Make your first deposit 3. You’re all set. Start trading