Crypto platform Wormhole says funds are 'restored' after US$320 million hack

Online thieves made away with 120,000 wETH, or so-called wrapped Ether, said Wormhole. PHOTO: REUTERS

LONDON (REUTERS) - Cryptocurrency firm Wormhole said on Thursday (Feb 3) that "all funds have been restored" after over US$320 million (S$430 million) was stolen from its site in the fourth-largest crypto heist on record.

Wormhole, a "decentralised finance" site that allows the transfer of information across crypto networks, said on Wednesday it had been "exploited" for 120,000 digital tokens connected to the second-largest cryptocurrency, ether.

At the time of its announcement of the heist, the market value of the tokens was just over US$320 million.

The theft was the latest to hit the fast-growing but mostly unregulated DeFi sector. DeFi platforms allow users to lend, borrow and save - usually in crypto - while bypassing traditional gatekeepers of finance such as banks.

"All funds have been restored and Wormhole is back up," the platform said on Twitter after earlier saying on its Telegram channel that "all funds are safe".

Wormhole gave no further information on how it retrieved the funds, and did not respond to multiple Reuters requests for comment via social media. Like many DeFi sites, Wormhole does not give details of its location, ownership or corporate structure.

"'All funds have been restored.' How? Who will pay for it in the end?" asked one user on Telegram.

"The team is working on a detailed incident report and will share it ASAP," replied one of the channel's admins.

London-based blockchain analysis firm Elliptic said that attackers were able to fraudulently create the wETH tokens, almost 94,000 of which were later transferred to the ethereum blockchain, which powers transactions for ether.

Elliptic added that Wormhole has offered the attacker a US$10 million "bounty" to return the funds, citing messages embedded within ether transactions sent to the attacker's digital address.

Major hacking risk

Cash has poured into DeFi sites, mirroring the explosion of interest in cryptocurrencies as a whole. Many investors, facing historically low or sub-zero interest rates, are drawn to DeFi by the promise of high returns on savings.

Yet with their breakneck growth, DeFi platforms have emerged as a major hacking risk, with bugs in code and design flaws allowing criminals to target DeFi sites and deep pools of liquidity, and also to launder the proceeds of crime, while leaving few traces.

Fraud and theft at DeFi platforms surpassed US$10 billion last year, research by Elliptic shows, laying bare the risks in the fast-growing but mostly unregulated area of cryptocurrencies.

Last August, hackers behind likely the biggest ever digital coin heist returned nearly all of the US$610 million-plus they stole from the DeFi site Poly Network.

Hacks have long plagued crypto platforms. In 2018, digital tokens worth some US$530 million were stolen from Tokyo-based platform Coincheck.

Mt Gox, another Japanese exchange, collapsed in 2014 after hackers stole half a billion dollars' worth of crypto.

Join ST's Telegram channel and get the latest breaking news delivered to you.