Wormhole Team Pays White-Hat Hacker $10 Million for Discovered Vulnerability

The Wormhole project team paid $10 million to a white-hat hacker who identified a critical vulnerability in the cross-chain protocol. Immunefi, the platform hosting the corresponding bug bounty program, said so.

Whitehat satya0x reported a critical vulnerability in @wormholecrypto on Feb 24 via Immunefi.

The bug was quickly patched, no user funds were affected, and satya0x received a $10 million payout from Wormhole, the largest bounty payout on record. https://t.co/xKDGxfFLjA

— Immunefi (@immunefi) May 20, 2022

According to Immunefi’s press release, on February 24, 2022, a researcher going by the handle satya0x discovered a vulnerability in Wormhole’s core bridge smart contract on the Ethereum side of the blockchain. The exploit could potentially have led to user funds being frozen.

“The Wormhole team reacted incredibly quickly to the bug report, verifying and fixing the issue on the same day it was reported. User funds were not lost,” according to Immunefi’s statement.

For the discovered bug, satya0x received the maximum bounty allowed under Wormhole’s bug bounty program — $10 million. In addition to the cross-chain protocol, such a reward is offered only by the MakerDAO platform. 

In February 2022, hackers withdrew from the Wormhole pool more than $319 million in digital assets.

Read ForkLog’s Bitcoin news in our Telegram — cryptocurrency news, prices and analytics.