Hole hacker moved R$800 million in cryptocurrency
CriptoFácil – A wormhole hacker, one of the largest bridges to other blockchain networks, transferred the stolen funds. According to analytics firm CertiK, the attacker moved around $155 million USD in Ether (), which is roughly equivalent to R$800 million.
This is the first time the hackers have moved the money in months. Analysis shows that the attackers used a decentralized exchange (DEX) to move funds.
Such moves often happen when hackers want to use stolen funds or exchange them for cryptocurrency. In this case, they often use DEX and mixers to disguise the origin, but CertiK confirmed that the addresses belong to hackers.
Almost 100 thousand ETH
According to the data, the total traffic corresponds to 95,630 ETH, which the hackers sent to a DEX called OpenOcean. On the platform, hackers converted ETH into Staked Ether (stETH) and rolled stETH (wstETH).
The explorer then used wstETH as collateral for a $13 million loan in the DAI stablecoin. With this, the attacker attempted to purchase approximately 8,000 ETH via KyberNetwork, which is around R$67.6 million. The address repeats this process several times to be able to transfer the money.
At this rate, the hacker would need to perform approximately 12 operations to transfer all of the stolen value. Remittances have increased activity on the blockchain as well as trading volumes. Based on these increases, CertiK was able to determine the source of the funds.
At the same time, the Wormhole team also outlined operations. They sent a message to the hacker offering a $10 million reward for the money back. The letter stated the following:
“We would like to replicate our previous offer of a $10 million bounty for the full return of all stolen funds. You can contact us at bounty@wormholenetwork.com or reply to the message on the blockchain.”
The team sent the message more than once while the hacker was transferring funds, but there was no response as of the time of publication.
With renewed vigor, cybersecurity firm – Ancillaº has issued a warning that many of the ad entries that Google (NASDAQ:) displays for the keywords “Wormhole Bridge” are actually phishing sites.
The second largest attack in history
The attack on Wormhole was one of the largest attacks carried out in 2022. In fact, the heist is second only to the attack on Ronin in terms of total value embezzled.
In the attack, the hacker exploited a vulnerability in the bridge’s validation system that allowed him to fraudulently generate quantities of encapsulated ether (WETH). Then, the attacker exchanged the tokens for ETH and managed to carry out the theft.
In a series of transactions, the hacker stole nearly 120,000 ETH from Wormhole (WeETH) worth over $320 million.
by CryptoFacil