After a long time of “immobilization”, the money taken from the Wormhole bridge attack has moved to the form of stETH tokens.
According to blockchain data, almost half of the funds stolen from Solana’s Wormhole bridge attack that caused $325 million in damage in February 2022 have been moved.
Specifically, the hacker aggregated the stolen ETH to a wallet, then swapped 95,630 ETH ($157 million) into Lido’s stETH staking token via the OpenOcean DEX. Next, 86,473 stETH was converted into wstETH tokens, which can be used to provide liquidity on DeFi protocols.
just borrowed 13m DAI pic.twitter.com/P9LhOaaZL4
— Spreek (@spreekaway) January 23, 2023
Using wstETH as collateral, the Wormhole attacker borrowed approximately $14.5 million USD of stablecoin DAI and used it to buy back 7,989.5 ETH on Kyber Network.
The large-scale purchases of stETH above have even raised the price of the staking-locked token slightly, according to data from Dune Analytics.
Although the reason for the above actions of the Wormhole hacker is not known, some people joked that maybe the hacker may also be “catching the trend” of Liquid Staking, which has been discussed a lot recently.
So far, it is not clear who the attacker on the Wormhole bridge is, but with the “sensitive” time of reactivation, many speculate that it may have links to North Korean hackers. As reported by Kyptos, the FBI accused North Korean hacker organizations of carrying out the Harmony Horizen bridge attack last June, stealing $100 million. Just last week, more than 60 million USD of which was transferred to the exchange and through other blockchains to disperse after a long period of inactivity.
Wormhole and Harmony are the two major blockchain bridge attacks of 2022, along with Ronin Network and BNB Bridge.