(Bloomberg) -- Wormhole, a communication bridge between Solana and other decentralized-finance blockchain networks, said it is down as its team looks into a potential exploit of the protocol.
Hackers may have drained the project of as much as $315 million, according to blockchain forensics providers. If the amount is accurate, it would be one of the largest thefts from a DeFi protocol, which bill themselves as allowing users to bypass traditional intermediaries to borrow and lend digital assets.
“This demonstrates once again that the security of DeFi services has not reached a level that is appropriate for the huge sums being stored within them,” said Tom Robinson, co-founder of Elliptic. “The transparency of the blockchain is allowing attackers to identify and exploit major bugs.”
The hackers stole about 120,000 WETh tokens, of which about 96,000 have been sent to the Ethereum blockchain, per another forensics provider, TRM Labs.
“No onward movement yet, but we are tracking the situation,” TRM said.
Wormhole developers are offering the hacker a $10 million bug bounty for exploit details and the return of the funds.
Jump Trading Group announced in August that it bought Certus One, which helped develop Wormhole. Jump has said it is a founding code contributor to Wormhole. Certus One offers infrastructure services for proof-of-stake blockchains and has been an active participant in decentralized networks including Cosmos, Terra, Solana and next-generation Ethereum.
A representative for Jump Trading didn’t immediately respond to a request for comment.
©2022 Bloomberg L.P.