Oasis, Jump Crypto recover $225M assets from Wormhole exploits

Oasis, Jump Crypto recover $225M assets from Wormhole exploits

On Saturday, Jump Crypto and Oasis.app announced that they had recovered 120,000 Ethereum (ETH) from last year’s Wormhole exploit, returning over $225 million worth of digital assets to a safe wallet.

The Wormhole exploits occurred on Oasis’ decentralised finance platform in February 2022. Hackers manipulated existing contracts to transfer massive amounts of collateral through a protocol bridge vulnerability.

Wormhole Cryptocurrency revealed that hackers exploited over 120,000 ETH after the attack. Estimates showed around $321 million was stolen at the time. The incident sparked a heated debate about the safety of digital currency, showcasing potential vulnerabilities in decentralised finance platforms.

After the High Court of England and Wales ordered Oasis to retrieve the lost assets, the decentralised finance platform launched a counter-exploit against the hackers in collaboration with Jump Cryptocurrency, then referred to as an authorised third party.

Moving assets

Following the Wormhole exploits, the hacker evaded capture by moving assets around different vaults through several Ethereum-based decentralised applications.

Oasis discovered assets opened in Rocket Pool ETH (rETH) and Wrapped Staked ETH (wstETH). Per both vaults’ transaction histories, Oasis immediately transferred 3,213 rETH and 120,695 wstETH to a safe wallet in Jump Cryptocurrency’s control.

The team also found that the hacker collected over $78 million of debt from MakerDao’s DAI crypto stablecoin and successfully recovered the debt in retrieval efforts.

Both parties have yet to disclose how they retrieved the assets. However, Oasis’ blog post and vault transaction histories suggested that the team transferred stolen assets from outside vaults to a safe wallet.

The transfer was conducted immediately after identifying assets, implying the team had full access to private vaults. Yet, the crypto community raised concerns about user protection and privacy violations.

Oasis emphasised that the retrieval was made possible via an undetected vulnerability in administrative access. The platform assured users that it would take the appropriate measures to prevent future exploits or retrievals.