Axios Pro: Fintech Deals

February 03, 2022

Axios Pro Exclusive Content

Happy Thursday, Fintech Deals readers!

Situational awareness: Nearly $500 million were transferred through peer-to-peer payments service Zelle in 2021, which was up 49% from the previous year.

1 big thing: Another giant crypto heist

Illustration of a computer floating above a space/time grid

Illustration: Sarah Grillo/Axios

Today in crypto hacks: Wormhole, which offers a popular bridge between different blockchains, said hackers exploited a vulnerability in its code and made off with around $320 million in crypto.

Why it matters: This is just the latest in a series of hacks and exploits that have led to crypto thieves making off with large bounties of digital assets. It's hard to think of a time a bank dealt with so severe a heist.

  • According to blockchain analytics firm Elliptic, this was the fourth-largest crypto heist of all time.
  • Despite these hacks, investors are not deterred. Funding for blockchain startups reached $25.2 billion last year, up 713% from $3.1 billion in 2020.
  • And with mega funds from a16z, Katie Haun, Paradigm, and Pantera in market, that funding will continue to flow.

The Wormhole network was taken down Wednesday afternoon soon after the exploit was discovered.

  • Hours later, the team said the vulnerability had been patched and ETH would be added to ensure users' funds were safe.
  • Wormhole developers have since offered the hackers a $10 million bug bounty for exploit details and a return of the funds.

The details: Attackers exploited Wormhole's bridge between the Ethereum and Solana blockchains and made off with 120,000 wETH (wrapped ethereum) tokens.

  • An analysis of the transactions by Paradigm research partner samczsun showed the hack resulted from Wormhole’s failure to validate guardian accounts, which enabled the attackers to fraudulently "mint" wETH out of thin air.
  • About 96,000 of the wETH tokens have been sent to the ethereum blockchain, according to blockchain forensics provider TRM Labs.

The big picture: As long as crypto assets seem vulnerable to these types of attacks, they will look risky to mainstream users, which could tamp down adoption in the short term.

View archive