Decentralize finance (DeFi) wallet Oasis said in a blog post on Friday it used a "previously unknown vulnerability" in the design of the admin multi-sig access to exploit itself to seize crypto stolen from the Wormhole exploit.
Subscribe to our Telegram channel to get daily short digests about events that shape the crypto world
The team behind the DeFi wallet pointed out it was ordered by the High Court of England and Wales to retrieve the assets. However, the hack wouldn't be possible without assistance from an undisclosed "whitehat group."
"We stress that this access was there with the sole intention to protect user assets in the event of any potential attack, and would have allowed us to move quickly to patch any vulnerability disclosed to us."
Although it's unclear if the exploit was used in the past to stole crypto from other customers, Oasis reassured that "at no point, in the past or present, have user assets been at risk of being accessed by any unauthorized party."
In February 2022, Solana-based cross-chain protocol Wormhole suffered a hacker attack, resulting in a loss of 120,000 wETH tokens (worth more than $319 million). Wormhole smart contracts allegedly failed to fully validate all input data, allowing transactions to be initiated with incorrect variables.
Access more than 50 of the world's financial markets directly from your EXANTE account – including NASDAQ, London Stock Exchange and Tokyo Stock Exchange