The Solana-based Wormhole Bridge was hacked for $325 million after the attacker managed to exploit a security flaw, making it one of the largest exploits in crypto history.
A year later, a group of white hats, along with two crypto firms, launched a “counter-exploit” against the malicious entities and clawed back a portion of stolen assets tied to the exploit.
The counter exploit was jointly conducted by the decentralized finance platform Oasis and Web3 infrastructure company Jump Crypto. The latter was Wormhole’s parent company and had previously replaced all the lost funds. The vulnerability was also patched.
Wormhole offered a $10 million bug bounty and white hat agreement to the attackers in exchange for returning the funds, which never transpired. This kicked off an investigation with the help of both government and private resources. Fast forward to 21st February, Oasis received an order from the High Court of England and Wales to take all necessary steps to retrieve assets involved with the wallet address associated with the exploit.
According to a report, $140 million worth of assets were successfully recovered following a counter-exploit. The retrieval was initiated via the Oasis Multisig, and the funds were returned to a court-authorized third party. The counter exploit was only possible with the approval of the Oasis Multisig.
Despite the retrieval, the community remained divided as the incident unfolded over the weekend. One user pointed out that the entire event sets a bad precedent in the decentralized finance ecosystem. His tweet read,
“w/r/t this Oasis/Wormhole counter exploit that I really didn’t think we’d see court-mandated smart contract manipulation for at least a few more years. Bad precedent and condemnation of upgradable proxies.”
Oasis, however, stressed that the sole intention for granting access was to protect user assets in the event of any potential attack. The platform further asserted that this move allowed the team to quickly fix any vulnerability. It should be noted that at no point, in the past or present, have user assets been at risk of being accessed by any unauthorized party.
Binance Free $100 (Exclusive): Use this link to register and receive $100 free and 10% off fees on Binance Futures first month (terms).
PrimeXBT Special Offer: Use this link to register & enter POTATO50 code to receive up to $7,000 on your deposits.