Connect with us
Active Currencies 13031
Market Cap $2,592,987,376,083.40
Bitcoin Share 50.57%
24h Market Cap Change $5.50

Jump Crypto and Oasis counter-exploit Wormhole hacker for $225m

2min Read
Jump Crypto and Oasis counter-exploit Wormhole hacker for $225m

Share this article



  • A Web3 firm Jump Crypto and a DeFi platform Oasis.app have conducted a counter-exploit on the Wormhole protocol hacker.
  • They have successfully recovered $225 million in digital assets and transferred them to a safe wallet.

Jump Crypto, a Web3 infrastructure firm, and Oasis.app, a decentralized finance (DeFi) platform, have conducted a counter-exploit on the Wormhole protocol hacker, recovering $225 million in digital assets and transferring them to a safe wallet.

The Wormhole attack took place in February 2022 and resulted in the theft of approximately $321 million in Wrapped ETH (wETH) due to vulnerability in the protocol’s token bridge.

Since then, the hacker has moved around the stolen funds through various Ethereum-based decentralized applications (dApps), and via Oasis, they recently opened up a Wrapped Staked ETH (wstETH) vault last month, and a Rocket Pool ETH (rETH) vault early this month.

The Oasis.app team confirmed a counter-exploit had occurred in a blog post on 24 February, stating that it had received an order from the High Court of England and Wales to retrieve certain assets related to the address associated with the Wormhole exploit.

The retrieval was started by Oasis Multisig and a court-authorized third party, which was identified as Jump Crypto in a previous report from Blockworks Research.


Funds transferred to safe wallets

The transaction history of both vaults shows that Oasis moved 120,695 wsETH and 3,213 rETH on 21 February and placed them in wallets under Jump Crypto’s control. The hacker also had approximately $78 million in debt in MakerDao’s DAI stablecoin, which was recovered.

According to the blog post, it can also be confirmed that the assets were immediately transferred to a wallet controlled by an authorized third party, as required by the court order. It no longer has any control or access to these assets.

In response to the negative implications of Oasis being able to retrieve crypto assets from its user vaults, the team stressed that this was only possible due to a previously unknown vulnerability in the design of the admin multisig access.


Share

Saman is a News Editor at AMBCrypto. Her background in History and English expanded on her knack for editing and presenting all sides of a story without bias. With a strong will to learn, Saman is always up for exploring unknown territory, and crypto, with its ever-changing landscape, offers just that.
Read the best crypto stories of the day in less than 5 minutes
Subscribe to get it daily in your inbox.
Please check the format of your first name and/or email address.

Thank you for subscribing to Unhashed.