Verify a decision

{"actor":"system:backfill","investigation_id":"9524fa70-d0f6-43e5-9698-973b2b93272f","kind":"publish","page_slug":"wormhole-bridge","published_at":"2026-05-30T18:25:51.514Z","sequence_num":1,"snapshot":{"content_type":"investigation","entity_name":"Wormhole Bridge","sections":[{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://www.coindesk.com/tech/2022/02/02/blockchain-bridge-wormhole-suffers-possible-exploit-worth-over-250m","type":"other","url":""},{"credibility":3,"name":"https://www.bloomberg.com/news/articles/2022-02-02/blockchain-bridge-wormhole-hit-with-potential-315-million-hack","type":"other","url":""},{"credibility":3,"name":"https://www.chainalysis.com/blog/wormhole-hack-february-2022/","type":"other","url":""},{"credibility":3,"name":"https://www.halborn.com/blog/post/explained-the-wormhole-hack-february-2022","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://www.halborn.com/blog/post/explained-the-wormhole-hack-february-2022","type":"other","url":""},{"credibility":3,"name":"https://immunebytes.com/blog/wormhole-bridge-hack-feb-2-2022-detailed-hack-analysis/","type":"other","url":""},{"credibility":3,"name":"https://www.certik.com/resources/blog/wormhole-bridge-exploit-incident-analysis","type":"other","url":""},{"credibility":3,"name":"https://certik.medium.com/wormhole-bridge-exploit-analysis-5068d79cbb71","type":"other","url":""},{"credibility":3,"name":"https://www.chainalysis.com/blog/wormhole-hack-february-2022/","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://www.coindesk.com/business/2022/02/03/jump-trading-backstops-wormholes-320m-exploit-loss-sources","type":"other","url":""},{"credibility":3,"name":"https://cointelegraph.com/news/jump-crypto-replenishes-funds-from-320m-wormhole-hack-in-largest-ever-defi-bailout","type":"other","url":""},{"credibility":3,"name":"https://decrypt.co/92709/jump-crypto-wormhole-defi","type":"other","url":""},{"credibility":3,"name":"https://fortune.com/2022/02/04/320-million-crypto-hack-blockchain-ether-jump-trading-wormhole-refund-customer-losses/","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://www.elliptic.co/blog/analysis/stolen-funds-from-the-wormhole-hack-on-the-move-after-laying-dormant-for-almost-a-year","type":"other","url":""},{"credibility":3,"name":"https://blockworks.com/news/jump-crypto-wormhole-hack-recovery","type":"other","url":""},{"credibility":3,"name":"https://www.coindesk.com/business/2023/02/24/oasis-exploits-its-own-wallet-software-to-seize-crypto-stolen-in-wormhole-hack","type":"other","url":""},{"credibility":3,"name":"https://www.cryptotimes.io/2023/02/27/wormhole-hacker-suffers-counter-exploit-from-jump-crypto-and-oasis-app/","type":"other","url":""},{"credibility":3,"name":"https://www.citationneeded.news/oasis-defi-centralization/","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://techcrunch.com/2023/07/27/wormhole-new-security-320m-hack/","type":"other","url":""},{"credibility":3,"name":"https://cointelegraph.com/news/certik-discovered-5-million-security-flaw-wormhole-bridge-aptos","type":"other","url":""},{"credibility":3,"name":"https://beincrypto.com/security-flaw-aptos-wormhole-bridge/","type":"other","url":""},{"credibility":3,"name":"https://wormhole.foundation/blog/report-on-certiks-aptos-related-bug-bounty-2","type":"other","url":""},{"credibility":3,"name":"https://immunefi.com/bug-bounty/wormhole/information/","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://www.chainalysis.com/blog/wormhole-hack-february-2022/","type":"other","url":""},{"credibility":3,"name":"https://www.cbsnews.com/news/wormhole-ether-cryptocurrency-320-million-hack/","type":"other","url":""},{"credibility":3,"name":"https://www.merklescience.com/blog/hack-track-analysis-of-wormhole-token-bridge-exploit","type":"other","url":""}]}],"sources_used":[],"summary":"Wormhole Bridge is a cross-chain messaging and token bridge protocol originally developed by Certus One, later owned by Jump Crypto, enabling asset transfers between Solana, Ethereum, and other blockchains. On February 2, 2022, an attacker exploited a signature verification flaw in the Solana-side smart contract to fraudulently mint 120,000 wrapped ETH (wETH) worth approximately $320–326 million without posting collateral, making it the second-largest DeFi exploit in history at the time. Jump Crypto replenished the stolen ETH within 24 hours to prevent ecosystem collapse, and a court-authorized counter-exploit in February 2023 recovered approximately $140 million of the remaining stolen funds.","timeline":[{"date":"2022-02-02","event":"Wormhole Bridge exploited; attacker mints 120,000 wETH (~$320-326M) on Solana without collateral using a signature verification bypass in the Solana smart contract.","source":""},{"date":"2022-02-02","event":"Wormhole team embeds a $10 million bounty offer in a transaction to the attacker's Ethereum wallet; the offer is not accepted.","source":""},{"date":"2022-02-03","event":"Jump Crypto deposits 120,000 ETH to replenish the bridge and make users whole, preventing cascading insolvencies across Solana DeFi.","source":""},{"date":"2023-01-14","event":"Attacker's Ethereum and Solana wallets activate simultaneously after nearly a year of dormancy; attacker begins converting stolen ETH into staked ETH derivatives via OpenOcean.","source":""},{"date":"2023-01-23","event":"Attacker moves approximately $155 million in ETH to decentralized exchanges, converting to stETH and wstETH and using them as collateral to borrow DAI on MakerDAO.","source":""},{"date":"2023-02-21","event":"Oasis.app receives an order from the High Court of England and Wales to retrieve assets associated with the Wormhole exploit wallet.","source":""},{"date":"2023-02-21","event":"Jump Crypto and Oasis execute a court-authorized counter-exploit against the attacker's Oasis vaults, recovering approximately $140 million net in stolen assets.","source":""},{"date":"2023-07-27","event":"TechCrunch reports on Wormhole's post-hack security overhaul including 29 third-party audits, two $2.5M bug bounty programs, and Uniswap DAO bridge selection.","source":""},{"date":"2023-12-05","event":"CertiK discovers a $5 million vulnerability in the Wormhole bridge on Aptos and discloses it to the Wormhole team; the flaw is patched within approximately three hours with no funds lost.","source":""}]},"v":1}