By exploiting a vulnerability in the software of a crypto trading platform, hackers stole 320 million in cryptocurrencies.
Wormhole Portal is a web-based application that allows users to convert one form of cryptocurrency into another. These portals are often referred to as blockchain bridges. Basically they use Ethereum smart contracts (computer code stored on a blockchain) to connect the input currency and the desired output currency.
The attacker is believed to have exploited this process to trick the Wormhole project into releasing Ether (ETH) and Solana (SOL) coins for a far greater value than their input value.
How were the attackers able to pull this off?
Wormhole didn’t properly validate all input accounts, which allowed the attacker to spoof guardian signatures and mint 120,000 ETH on Solana, of which they bridged 93,750 back to Ethereum.
Award Offered for Details on the Attack
The platform is offering a $10 million award for the stolen money and details about the attack.
Dimitris is an Information Technology and Cybersecurity professional with more than 20 years of experience in designing, building and maintaining efficient and secure IT infrastructures.
Among others, he is a certified: CISSP, CISA, CISM, ITIL, COBIT and PRINCE2, but his wide set of knowledge and technical management capabilities go beyond these certifications. He likes acquiring new skills on penetration testing, cloud technologies, virtualization, network security, IoT and many more.