"Online Thieves Steal $320m from Crypto Firm Wormhole"

Yet another cryptocurrency firm is offering a multimillion-dollar bug bounty reward to those who hacked it after suffering a cyber-heist worth an estimated $322m.  Wormhole operates what is known as a cross-blockchain bridge, enabling holders of certain cryptocurrencies to transfer tokens, data, and other assets between siloed blockchains.  Wormhole offers this service to bridge Ethereum, Solana, BSC, Polygon, Avalanche, Oasis, and Terra.  During an investigation, Wormhole confirmed that attackers stole 120,000 Ethereum tokens worth over $320m.  A security researcher going by the handle "samczsun" on Twitter has a detailed write-up of the attack after they reverse-engineered the exploit.  The hacker exploited a vulnerability on the Wormhole platform, enabling them to pocket new wrapped Ethereum (wETH) without needing to deposit any in return.  WETH is a version of Ethereum designed to be exchanged with other Ethereum-based tokens and has the same value as ETH.  Just like Qubit Finance a few days ago, Wormhole has reached out to its attacker, offering a massive $10m reward for finding the bug.  Wormhole stated they would like to offer the hacker a white hat agreement and present them a bug bounty of $10m for exploit details if they return the wETH they've minted.  This breach is easily the biggest theft of cryptocurrency so far this year and is the largest such incident targeting cross-blockchain bridges.  Wormhole noted that the vulnerability had now been patched, and it is working on getting the network back up and running.

Infosecurity reports: "Online Thieves Steal $320m from Crypto Firm Wormhole"