Oasis “hacked itself” to recover 120,000 ETH damage from Wormhole attack

Oasis is said to have helped the Jump Crypto investment fund recover $140 million in ETH stolen in the Wormhole bridge attack in February 2022.

Oasis “hacked itself” to recover 120,000 ETH damage from the Wormhole attack. Photo: Protos

According to an announcement posted on the morning of February 25, Oasis – a project specializing in creating vaults to borrow money and receive interest with links to MakerDAO and DAI – said that it had successfully recovered 120,000 ETH, worth $140 million at the time. make the article, from the Wormhole bridge attack and return it to the previous owner.

Notably, this unit claims to have been ordered by the Supreme Court of England and Wales to be all ways to get the money back.

As reported by Kyptos, in February 2022, the Wormhole bridge connecting Solana with Ethereum was attacked by hackers, resulting in the loss of up to 120,000 ETH, worth up to 325 million USD at that time. Just a few hours after the hack took place, the Jump Crypto investment fund that backed Wormhole said it would spend money to fix all the damage.

Oasis revealed that an attacker at the end of January 2023 used their vault solution and multisig wallet to store dirty funds, then engaged in liquid staking ETH. After being reported by a white hat hacker to discover a flaw related to the design of access to multisig on February 16, 2023, Oasis decided to take advantage of that bug to “trick” the hacker wallet into transferring assets out. outside and got all the money back through a series of transactions made on Feb. 21.

The project has refunded the recovery money to an “authorized third party”, most likely Jump Crypto.

Oasis wrote:

“We want to emphasize that the above action is only for the sole purpose of protecting the interests of users in the event of an attack, allowing us to quickly patch the bug. There have been no cases of unauthorized access to user assets on Oasis so far.”

However, Oasis’s decisions are causing great controversy in the crypto community on Twitter, arguing that it will set a dangerous precedent that threatens the immutability of the blockchain, as well as for the DeFi project to be possible. pressured by the law to perform the above “self-hacking” actions.

Not to mention that the wallet provided by Oasis should be a non-custodial wallet because the user holds the private key and has full control, which means that this unit cannot unilaterally intervene like that.

Both Wormhole and Jump have yet to release an official statement about the incident.

Synthetic Kyptos

Stay in the Loop

Get the daily email from CryptoNews that makes reading the news actually enjoyable. Join our mailing list to stay in the loop to stay informed, for free.

Latest stories

- Advertisement - spot_img