- On-chain activity sparked at the address linked to the last year’s horrifying $320 million attack.
- The address that started moving money in the DeFi ecosystem after hacking one of the most well-known cross-blockchain bridges, Wormhole.
After 355 days of dormancy, the wallet that was used to steal 80,000 ETH from the Wormhole Portal Token Bridge last year was revived on Monday, trading on leverage like a legitimate crypto Twitter “degen” and transferring a sizable sum of money around the DeFi network.
An attacker used the DeFi platform’s Wormhole security flaw on February 2nd, 2022. The platform subsequently lost wETH, which was worth about $326 million.
Coming back to the exploit’s revival, there are two noteworthy transactions on the list. One of which is apparently between the exploiter and the exploiter 2, totaling about 1,889 ETH with roughly $3 million. The subsequent transaction is a swap between the exploit and the OpenOcean exchange for 95,630 ETH with staked ETH (stETH).
The exchange is worth $156,674,308. The wrapped staked ETH (wstETH/wETH) was created from the stETH.
Twitter user @Spreekaway initially discovered the action earlier on Monday.
Exploiter bundled more than 180,000 ETH into stETH on Lido Finance in two transactions (LDO).
The next move unfolded as the hacker borrowed Dai (DAI) stablecoins while using stETH as security. A total of about $15 million in DAI was borrowed and then exchanged for more stETH. Their activity caused the price of stETH to soar and destroyed the 1:1 peg to the ETH rate.
The market for the popular liquid staking derivative was significantly impacted by Exploiter’s massive Lido antics. Its 24-hour trading volume has roughly tripled. According to Dune Analytics, the size of the move was felt in the markets, leading stETH to repeg.
The Wormhole team re-offered the hacker a $10 million bounty via an embedded message in a transaction via the Wormhole after the unexpected spike in on-chain activity.
“We would like to reaffirm our earlier promise to pay a $10 million reward for the full restitution of any money that has been stolen.”
As per data analytics platform Nansen, the explorer’s address, which starts with 0x629, is currently the third largest holder of wrapped stETH.