skip to Main Content
bitcoin
Bitcoin (BTC) $ 96,488.85 1.89%
ethereum
Ethereum (ETH) $ 3,358.00 2.66%
tether
Tether (USDT) $ 0.999267 0.11%
xrp
XRP (XRP) $ 2.18 3.81%
bnb
BNB (BNB) $ 693.97 1.00%
solana
Solana (SOL) $ 190.57 3.42%
dogecoin
Dogecoin (DOGE) $ 0.317031 3.40%
usd-coin
USDC (USDC) $ 1.00 0.03%
staked-ether
Lido Staked Ether (STETH) $ 3,353.86 2.74%
cardano
Cardano (ADA) $ 0.874994 3.45%

Wormhole hacker moves $155M in biggest shift of stolen funds in months

Blockchain transaction history shows that the hacker transferred the funds onto a DEX and then went on to cycle funds around different DeFi protocols.

558 Total views

13 Total shares

Wormhole hacker moves $155M in biggest shift of stolen funds in months

Own this piece of history

Collect this article as an NFT

The hacker behind the $321 million Wormhole bridge attack has shifted a large chunk of stolen funds, with transaction data showing that $155 million worth of Ether (ETH) was transferred to a decentralized exchange (DEX) on Jan 23.

The Wormhole hack was the third largest crypto hack in 2022, after the protocol’s token bridge suffered an exploit on Feb. 2, 2022, that resulted in the loss of 120,000 Wrapped ETH (wETH) around worth $321 million.

According to the transaction history of the hacker’s alleged wallet address, the latest activity shows that 95,630 ETH was sent to the OpenOcean DEX and then subsequently converted into ETH-pegged assets such as Lido Finance’s staked ETH (stETH) and wrapped staked (wstETH).

— CertiK Alert (@CertiKAlert) January 23, 2023

Digging into the transaction history further, crypto community members such as @spreekaway also highlighted that the hacker went on to conduct a slew of odd looking transactions.

For example, the hacker used their stETH holdings as collateral to borrow 13 million worth of the DAI stablecoin, before swapping it out for more stETH, wrapping into stETH again and then borrowing some more DAI.

Wormhole exploiter has converted his ETH to wstETH and is going to borrow DAI against it it seems. pic.twitter.com/9rhERSMG5u

— Spreek (@spreekaway) January 23, 2023

Notably, the Wormhole team has taken the opportunity to once again offer the hacker a bounty of $10 million if they return all the funds, after it left an embedded message conveying such in a transaction via the Wormhole: Deployer.

Embedded message: Etherscan

The hacker’s hefty ETH transaction appears to have had a direct impact on the price of stETH according to data from Dune Analytics. The asset’s price went from slightly under peg of 0.9962 ETH on Jan. 23, to as high as 1.0002 ETH the following day, before dropping back to 0.9981 at the time of writing.

Related: North Korea’s Lazarus Group masterminded $100M Harmony hack: FBI confirms

With the Wormhole hack likely to catch more attention in light of the latest incident, blockchain security firms such as Ancilia, Inc. warned on Jan. 19 that searching the keywords “Wormhole Bridge” in Google is currently showing promoted ad websites that are actually phishing operations.

The community has been warned to be diligent on what they are clicking on relating to this term.

#phishing alert When you search “wormhole bridge” in Google, many of the “ad” entries are actually phishing site. E.g.

hxxps://wormholebridge-multichain.com/

hxxps://portaltoken-wormholebridge.com. Be careful about what you click and stay safe! pic.twitter.com/C6JW2xeaUh

— Ancilia, Inc. (@AnciliaInc) January 19, 2023

Loading data ...
Comparison
View chart compare
View table compare
Back To Top