Hackers just managed to run away with more than $320 million on Wednesday after they took advantage of an exploit on the bridging protocol that links the Ethereum and Solana blockchains. Developers of the Wormhole protocol confirmed the exploit on Twitter, stating that they will be shutting down the network to try and find a solution to fix the exploit.
The hack is now the second-largest ever conducted on the decentralized finance ecosystem, right behind the $600 million heists on the Poly Network. It is also now the largest ever attack on Solana, a popular cryptocurrency that is a direct rival to Ethereum. Solana recently gained traction after it became one of the digital currencies of choice used for non-fungible tokens (NFTs).
Like Ethereum, Solana offers programmable pieces of code called smart contracts that can be used to make direct transactions with banks and lawyers. Solana quickly gained traction as it is relatively cheaper and faster to use compared to Ethereum.
Wormhole was developed as a way to bridge the two cryptocurrencies. These types of cross-chain bridges are used to make it easier for users to send and receive both Ethereum and Solana.
Blockchain cybersecurity firm CertiK said the attacker or group of attackers made at least $251 million in Ethereum, approximately $47 million in Solana, and more than $4 million in USDC, a stablecoin tethered to the US dollar's price.
Auston Bunsen, the co-founder of QuikNode, explained that bridges like Wormhole function by having two smart contracts - one on each chain. There was one smart contract on Solana and one on Ethereum in this example. Wormhole is an ethereum bridge that accepts an ethereum token, locks it inside a contract on one chain, and then issues a parallel token on the other chain.
CertiK said the attackers had exploited a vulnerability on the Solana side of the bridge. The hackers created so-called wrapped tokens to claim actual Ethereum coins on the other side of the bridge.
Wormhole claims that Ethereum will be added to the bridge "in the next hours" to ensure that its wrapped Ethereum tokens are supported, although it's unclear where the money will come from.
CertiK said that when bridges store hundreds of millions of dollars in escrow and expand their attack vectors by functioning over two or more blockchains, they become excellent targets for hackers.
The attack is the latest to occur against crypto platforms, which have increased in frequency in the past few years. CertiK said the attack should serve as a warning to other blockchain networks.
