Jump Crypto and Oasis.app ‘counter exploits’ Wormhole hacker for $225M

Mar 15, 2023 | wjb news

Jump Crypto, an Web3 infrastructure developer, and Oasis.app, a decentralized finance (Defi) service platform, launched a counter-attack on wormhole agreement network hackers, recovering $225 million in data assets and transferring it to a secure wallet.

The wormhole attack appeared in February 2022 when a vulnerability in the OTP bridge was used with a value of about $321 million in packaged ETH (Weth).

Since then, cyber hackers have moved to stolen funds based on ethernet's decentralized application process (Dapp), such as OASIS, which recently opened vaults that package Steth (WstETH) and Rocket Pool ETH (Reth).

In an online article on February 24, the Oasis.app elite team confirmed the anti-exploit attack and briefly stated that it had "received orders from the High Court of the UK and Panama" to retrieve assets related to "detailed addresses related to wormhole attacks".

The team stated that the search was initiated by "OASIS Multisig and a court-authorized third party" and was identified as Jump Crypto in a previous statement by Blockworks Research.

The history of the two vaults shows that Oasis moved to 120695 pounds ETH and 3213 euros on Feb. 21 and put it in a wallet controlled by Jump Crypto. The cyber hacker still has about $78 million in debt in MakerDAO's DAI (DAI) stablecoin, which is recovered.

We can also confirm that, in accordance with the requirements of the court order, this asset is immediately transferred to the authorized third party to manipulate the wallet. You do not retain control or browsing rights over this asset.

When talking about the adverse effects of OASIS being able to find data encryption assets with its customer repositories, the team noted that this could only be due to previously uncertain vulnerabilities in the management method of multi-signature browsing design.

Earlier that month, white hat hackers described such a loophole, the article said.

It is important to note that the sole purpose of such visits is to maintain customer assets in the event of any potential attack and to enable us to act quickly to fix all loopholes disclosed to you. It should be noted that in the past or today, client assets have never been exposed to the risk of all unauthorized party access.