The decentralized finance world woke up to a nightmare on February 3, 2022. Wormhole, one of the most widely used cross-chain bridges connecting Solana to other blockchain networks, had been exploited for approximately $320 million in cryptocurrency. The attack sent shockwaves through the DeFi ecosystem and reignited urgent conversations about the security of multi-billion-dollar protocols.
TL;DR
- Wormhole, a cross-chain bridge on Solana, was hacked for roughly $320 million in wrapped Ether (wETH)
- Attackers made off with 120,000 wETH, with approximately 96,000 tokens bridged to the Ethereum network
- Jump Trading stepped in to replenish stolen funds and restore the 1:1 wETH backing
- The vulnerability was patched within hours, but Solana’s SOL token dropped 9% on the day
- Wormhole offered the attacker a $10 million bug bounty to return the stolen assets
What Happened: The Anatomy of the Exploit
In the early hours of February 3, attackers exploited a vulnerability in Wormhole’s smart contract system, draining approximately 120,000 wETH—wrapped Ether tokens that represent ETH on the Solana blockchain. The total value at the time of the exploit was roughly $320 million, making it one of the largest DeFi hacks ever recorded at that point.
According to blockchain forensics provider TRM Labs, approximately 96,000 of the stolen wETH tokens were quickly transferred to the Ethereum blockchain. “No onward movement yet, but we are tracking the situation,” TRM stated as they monitored the attacker’s wallets in real time.
The Wormhole team confirmed the exploit on Twitter, writing: “The wormhole network was exploited for 120k wETH. ETH will be added over the next hours to ensure wETH is backed 1:1.” The vulnerability was patched within hours, and the team reassured users on Telegram that remaining funds were secure.
Jump Trading Steps In
In a critical intervention, Jump Trading Group—the quantitative trading firm that had acquired Certus One, a founding contributor to the Wormhole project, in August 2021—committed to replacing the stolen funds. Jump Crypto announced it would supply the Ether necessary to ensure all wrapped ETH remained backed on a one-to-one basis.
The rapid response helped prevent a broader contagion effect that could have rippled across the Solana ecosystem. Without this backstop, the wETH on Solana would have been undercollateralized, potentially triggering a cascade of liquidations and further panic.
A $10 Million Bounty Offer
In an unusual move, the Wormhole developers publicly offered the hacker a $10 million bug bounty in exchange for details about the exploit and the return of all stolen funds. The offer was communicated on-chain and through public channels, though there was no immediate indication that the attacker intended to accept.
Worse News for Solana
The Wormhole hack compounded what was already a difficult period for Solana. The high-performance blockchain had suffered a 17-hour network outage in the fall of 2021 following bot-driven congestion, and reports of degraded performance from trading bots had continued into early 2022. On the day of the Wormhole exploit, SOL dropped approximately 9% according to CoinMarketCap data, significantly underperforming the broader market.
At the time of the snapshot, Bitcoin was trading at approximately $37,154 and Ethereum at $2,679, with the total cryptocurrency market capitalization around $1.79 trillion. The Wormhole incident dragged DeFi sentiment lower across the board.
Expert Warnings on DeFi Security
Tom Robinson, co-founder of blockchain analytics firm Elliptic, didn’t mince words about the implications. “This demonstrates once again that the security of DeFi services has not reached a level that is appropriate for the huge sums being stored within them,” he said. “The transparency of the blockchain is allowing attackers to identify and exploit major bugs.”
The Wormhole exploit was not an isolated incident. Cross-chain bridges had become prime targets for hackers due to the enormous value locked in their smart contracts and the inherent complexity of securing communication between different blockchain networks. The attack underscored a fundamental tension in DeFi: the protocols handling the most money were often the ones with the most attack surface.
Why This Matters
The $320 million Wormhole hack was a defining moment for cross-chain infrastructure security. It demonstrated that even protocols backed by major institutional players like Jump Trading remained vulnerable to sophisticated exploits. The incident accelerated the industry’s focus on bridge security audits, bug bounty programs, and insurance mechanisms. For everyday DeFi users, it served as a stark reminder that the promise of permissionless finance still came with significant risks—and that the line between innovation and exposure could vanish in a single transaction.
Disclaimer: This article is for informational purposes only and does not constitute financial advice. Cryptocurrency investments carry significant risk. Always do your own research before making investment decisions.
120k wETH gone in hours and the fix was jump trading will patch it lol. this is why bridges are the weakest link in defi
A $10M bounty for stealing $320M? What kind of incentive structure is that. The attacker would have to be monumentally stupid to take that deal.
sol already had that 17hr outage in sept 2021 then this happens. rough stretch for the eth killer narrative
^ honestly the 17hr outage was worse for confidence. at least this was a smart contract bug, fixable. network going down is existential
Elliptic got it right. the security of these protocols hasnt kept up with the TVL. how many more 9 figure hacks before the industry takes audits seriously