The hacker behind the Wormhole Bridge attack, cost 321 million dollarsmoved a large chunk of the stolen funds: transaction data shows that on January 23, they were transferred $155 million in Ether (ETH) on a decentralized exchange (DEX).
The Wormhole attack was the third largest crypto hack of 2022, as the protocol’s token bridge was exploited on February 2, resulting in the loss of 120.000 Wrapped ETH (wETH), worth $321 million.
Based on the hacker’s alleged wallet address’s transaction history, the latest activity shows that 95,630 ETH were sent to the OpenOcean DEX and then later converted into ETH-pegged assets such as staked (stETH) and wrapped staked (wstETH) ETH by Lido Finance.
We are looking at address 0x629e… The Wormhole network exploiter traded 95,630 Ether (~155M$) for stETH.
Stay safe! pic.twitter.com/ZR6zxlRuKX
— CertiK Alert (@CertiKAlert) January 23, 2023
We are seeing address 0x629e… Wormhole Network Exploiter swap 95,630 Ether (~$155M) to stETH
Stay safe! pic.twitter.com/ZR6zxlRuKX
— CertiK Alert (@CertiKAlert) January 23, 2023
Further analyzing the transaction history, members of the crypto community like @spreekaway also highlighted that the hacker conducted a series of bizarre transactions.
For example, the hacker used his stETH reserves as collateral to borrow 13 million DAI stablecoins, before exchanging them for more stETH, wrapping them back into stETH (wstETH), and then borrowing more DAI.
The wormhole exploiter has converted its ETH to wstETH and it looks like it is going to borrow DAI. pic.twitter.com/9rhERSMG5u
— Speak (@speakaway) January 23, 2023
Wormhole exploiter has converted his ETH to wstETH and is going to borrow DAI against it it seems. pic.twitter.com/9rhERSMG5u
— Speak (@speakaway) January 23, 2023
Obviously, the Wormhole team took the opportunity to once again offer the hacker a $10 million bounty if he returns all the funds, leaving an embedded message in a transaction via the Wormhole: Deployer.
According to data from Dune Analytics, the hacker’s large ETH transaction appears to have had a direct impact on the price of stETH. On Jan. 23, the asset price moved from a value of 0.9962 ETH, slightly below the peg, to a high of 1.0002 ETH, before falling again to 0.9981 at the time of writing.
In light of recent events, the Wormhole hack is likely to attract the most attention. On Jan. 19, blockchain security firms such as Ancilia, Inc. warned that keyword research “Wormhole Bridge” are Google, is returning promotional websites that are actually phishing scams.
The community has been warned to be careful what you click on in relation to this topic.
#Allarme phishing. When you Google “wormhole bridge” many of the “ad” entries are actually phishing sites. Eg
hxxps://wormholebridge-multichain.com/
hxxps://portaltoken-wormholebridge.com. Be careful what you click and stay safe! pic.twitter.com/C6JW2xeaUh– Ancilia, Inc. (@AnciliaInc) January 19, 2023
#phishing alert When you search “wormhole bridge” in Google, many of the “ad” entries are actually phishing site. E.g.
hxxps://wormholebridge-multichain.com/
hxxps://portaltoken-wormholebridge.com. Be careful about what you click and stay safe! pic.twitter.com/C6JW2xeaUh– Ancilia, Inc. (@AnciliaInc) January 19, 2023
