$325M stolen in a DeFi heist
Blockchain technology is widely seen as a potential solution to all problems and is anticipated to have far-reaching future applications across all industries.
However, the biggest difficulty different blockchain technologies have faced is the lack of the ability to operate in conjunction with each other. DeFi applications built on a particular platform is often locked into that platform and have no way of leveraging the benefits of other blockchains.
By facilitating token transfers, smart contracts and data sharing, and other feedback and instruction across two independent platforms, blockchain bridges allows interoperability between blockchains and tackle the problem of high transaction costs and congestion.
Although blockchain bridges can do a lot of great things, if a hacker gets in, it's quite tough to resolve the dilemma.
Recently, we have seen hackers exploiting the vulnerability of blockchains and cross-chain bridges. Last month, a cross-chain protocol informed users that six tokens, including WETH, PERI, OMT, WBNB, MATIC, and AVAX, had a significant vulnerability. However, the hackers returned the 322 ETH while keeping the hefty finders fee.
Similarly, this week, OpenSea, one of the largest online NFT marketplaces, stated that a whopping 80% of NFTs generated by its free creation tool are spam, scams, or otherwise illegitimate.
Wormhole, one of the most popular cross-blockchain bridges, became the victim of a $326 million hack on Wednesday, making it the largest hack of the year and the second-largest DeFi hack ever.
Well, this pattern could make crypto enthusiasts a bit nervous. However, if crypto firms become highly watchful, partnering with industry specialists who offer solutions such as transaction tracking and risk assessments, the issue may be addressed more effectively than by offering bug bounties.
Wormhole loses over $326M in smart contract exploit
Wormhole, a system that allows users to transfer tokens between Solana and other blockchains such as Ethereum, has been used to the tune of 120,000 WETH
The Wormhole bridge operates by locking tokens on the original chain and minting wrapped tokens on the destination chain. The exploiter was able to mint 120,000 WETH despite the fact that they lacked the ETH required. Apparently, the attackers faked a VAA (validator action approval) that was considered authentic by the Wormhole bridge, allowing the attacker to mint WETH tokens. Prices for Solana's SOL token fell below $100 after the exploit news came out.
The Wormhole team is offering the hacker a $10 million bug bounty if they return the stolen WETH.
The message sent to the attacker through the Ethereum blockchain is as follows:
"This is the Wormhole Deployer: We noticed you were able to exploit the Solana VAA verification and mint tokens. We’d like to offer you a whitehat agreement, and present you a bug bounty of $10 million for exploit details, and returning the wETH you’ve minted. You can reach out to us at contact@certus.one"
If you want to understand how this hack was instrumented, JonWu does a great job of explaining it here.
What's Google thinking about web3 ?
If you still think crypto hasn't gone mainstream; then you're mistaken. Companies like Reddit, Microsoft and Amazon have already started showing interest in building web3 projects. They have also added job listings in this space. Not only tech companies but banks like Visa Mastercard have even started crypto services to advise their clients. Top brands like Nike and Adidas are planning to build their metaverses. Coming back, Google's parent company, Alphabet Inc., announced today that it is exploring how it may integrate Web3 and blockchain networks into its operations. Arnold Goldberg, a former PayPal senior vice president and chief product architect, was recently appointed to run Google's payments division. Google has already embraced cryptocurrency: Last year, Google Pay, an Android software that allows users to make contactless payments accepted by millions of shops worldwide, added integration for the Coinbase Card, a Visa debit card that enables Bitcoin payments. Before you go, do read about what Sundar Pichai had to say on web3:
Thailand Drops 15% Capital Gains Tax Plan on Crypto
While India imposed tax on crpyto bros, Thailand is doing just quite opposite.Thailand's revenue agency has scrapped a proposal to levy a 15% withholding tax on cryptocurrency transactions. Crypto-traders in Thailand can now use the new strategy to offset their annual losses with gains made the same year.
The country has been pro-cryptocurrencies since last year, back in November 2021, the Tourism Authority of Thailand (TAT) pivoted to “crypto millionaires” as a means of boosting the country’s pandemic-hit economy. All felt good until last week when the Thai Securities and Exchange Commission (SEC) said it planned to issue guidelines surrounding the restriction of digital currency payments. SEC also told that “The issuance of digital tokens must be authorized and overseen by the Securities and Exchange Commission and the issuer is required to disclose information and offer the coins through the token portals licensed under the Digital Asset Decree”. Amid this news, The Bank of Thailand notified that it will postpone its central bank digital currency (CBDC) test from the second quarter until late next year.
Stay informed in just 5 minutes
Get a daily email that makes reading crypto news informative. Have fun keeping up and getting smarter.
The dispatch is sent in time zones at 8:30 am. Choose your preferenceEastern Time Zone (UTC-05:00)USTISTGMTSST
Subscribe