$140M Stolen Crypto Assets Recovered with Counter-Exploit

• The Wormhole Bridge was hacked for $325 million after a security flaw was exploited.
• White hats and crypto firms conducted a “counter-exploit” to recover a portion of stolen assets.
• Oasis received an order from the High Court of England and Wales to retrieve the assets, resulting in $140 million worth of assets being recovered.

Exploit on Wormhole Bridge

The Solana-based Wormhole Bridge was hacked for $325 million after the attacker managed to exploit a security flaw, making it one of the largest exploits in crypto history. The vulnerability was also patched and Wormhole offered a $10 million bug bounty and white hat agreement to the attackers in exchange for returning the funds, which never transpired.

Counter-Exploit

A group of white hats, along with two crypto firms, launched a „counter-exploit“ against the malicious entities and clawed back a portion of stolen assets tied to the exploit. The counter exploit was jointly conducted by the decentralized finance platform Oasis and Web3 infrastructure company Jump Crypto. The latter was Wormhole’s parent company and had previously replaced all the lost funds. This kicked off an investigation with the help of both government and private resources.

High Court Order

Fast forward to 21st February, Oasis received an order from the High Court of England and Wales to take all necessary steps to retrieve assets involved with the wallet address associated with the exploit. According to a report, $140 million worth of assets were successfully recovered following a counter-exploit initiated via Oasis Multisig which returned funds to court authorized third party.

Bug Bounty & White Hat Agreement

Wormhole offered a $10 million bug bounty and white hat agreement to attackers in exchange for returning funds that never transpired as part of their attempt at recovering stolen funds linked with exploit on their platform.

Recovery Successful

With assistance from government & private resources plus approval from High Court Of England & Wales, Oasis succeeded in retrieving majority ($140M) of stolen funds associated with wallet address linked with exploit with help from counter-exploit they launched against malicious entities involved exploiting wormhole bridge security flaw