Wormhole rewarded $10 million to a white hat hacker who reported a bug

The Wormhole cross-chain bridge just spent $10 million on a white hat hacker who discovered a vulnerability in the product’s Ethereum smart contract in February.

According to an announcement from Immunefi (the bug bounty co-organizer with Wormhole), an individual with the code name satya0x is the one who discovered the vulnerability and received the aforementioned reward.

Wormhole unveiled the scheme in February, shortly after losing over $323 million in ETH to a hacker in one of the largest DeFi protocol attacks to date. Soon after, it refilled its blockchain bridge, promising the attacker $10 million in exchange for the funds.

Wormhole’s bug bounty program has different tiers, depending on the severity of the discovered vulnerability. Specifically, with a “low risk” level, a contract error can only bring in a reward of $2,500. Meanwhile, the reward that satya0x received is $10 million because the level of risk is at the system level.

Hacker satya0x said:

“I am proud to have played a role in mitigating a serious vulnerability and a systemic threat to the ecosystem.”

The Immunefi side stated that the user’s assets were still safe at the time the aforementioned bug was discovered. Soon after, Wormhole quickly deployed the update and patched it the same day.

“Wormhole is sending a clear message with this payout to the best, most talented whitehats on the planet that if they responsibly disclose security vulnerabilities to Wormhole, they’ll be well taken care of,” Immunefi said.

On its Twitter and medium pages, Immunefi also published a detailed report on the vulnerabilities in the aforementioned case.

The bug was related to Wormhole’s ability to upgrade smart contracts. Essentially, it could potentially allow a hacker to take control of those contracts. In a blog post, Immunefi provided a detailed breakdown of the issue that led to the security vulnerability and how it was fixed.

DISCLAIMER: The Information on this website is provided as general market commentary and does not constitute investment advice. We encourage you to do your own research before investing.

Join CoinCu Telegram to keep track of news: https://t.me/coincunews

Follow CoinCu Youtube Channel | Follow CoinCu Facebook page

Harold

CoinCu News