26 Jan 2023 · 2 min read

$321 Million Wormhole Hacker is Moving Funds, On-chain Data Shows

A hacker who stole 120,000 ETH tokens, worth above $321 million at the time, from the Wormhole cross-chain bridge has started moving funds, according to various on-chain analysts. On the 23rd of January, the hacker moved $155 million worth of Ether tokens to 1Inch, a decentralized exchange (DEX).

The anonymous exploiter has since started swapping their ETH tokens for other cryptocurrencies. According to @lookonchain, the hacker swapped 95,630 ETH (worth $155 million) for 86,473 wstETH – a wrapped version of Ethereum liquid staking protocol Lido’s stETH token.

The hacker then used this wstETH to borrow $14.5 million worth of DAI, a dollar-pegged stablecoin. They then bought a further 8,913 stETH with these tokens. This was then used to borrow a further $1.5 worth of DAI.

The exploiter’s odd behavior continued, according to on-chain tracker @spreekaway, with the exploiter funding a new address with 0.1 ETH.

Spreek speculated that the exploiter could be connected to the BNB bridge hacker, given similar behavioral patterns.

The Wormhole bridge team once again left their exploiter a message offering a $10 million bounty for a total return of the stolen funds, giving them an email to get in contact anonymously.

Exploits Still a Big Problem in Crypto

The Wormhole bridge hack, though enormous in size, was only the third largest in 2022. The largest was a $612 million hack of the Ronin bridge – a bridge built to transport funds from the Ethereum blockchain to the Ronin sidechain that was built for Axie Infinity. North Korea’s Lazarus crypto hacking group is suspected to have been involved.

The second largest hack was a $477 million exploit of an FTX wallet in the immediate aftermath of the exchange’s collapse. In total, over $2 billion in crypto was stolen in 2022, about 0.25% of the cryptocurrency’s market capitalization at the end of the year.

Exploits thus remain a key issue in crypto. Not only are decentralized protocols at risk of having funds drained if hackers find code weaknesses or get access to sensitive information, but individuals face risks form a litany of phishing scams and fake websites.

Fund safety has been identified as a key barrier to crypto adoption – if the risk of losing funds to robbers remain as high as it is, many will remain deterred from investing in/using crypto.

But crypto users can take steps to reduce their risk of losing funds. When crypto is stored on a platform like a centralized exchange, investors should set up 2 Factor Authentication whenever possible, which can be further strengthened by using Google’s Authenticator application.

Investors should also consider withdrawing funds to a hardware wallet, ensuring that they back up their seed phrase properly and using strong, varied passwords. When interacting with Decentralized Finance (DeFi) protocols, crypto users should take particular care to ensure they aren’t on a fake website or dApp that actually aims to steal their information/funds.

Presales to Consider

Investors you're looking for high-potential crypto projects should check out the top 15 cryptocurrencies for 2023, as analyzed by the CryptoNews Industry Talk team.

The list is updated weekly with new altcoins and ICO projects.

Disclaimer: The Industry Talk section features insights by crypto industry players and is not a part of the editorial content of Cryptonews.com.