Wormhole Hacker Almost Gets Airdrop, But Team Quickly Closes Security Hole

In 2023, Wormhole's airdrop program inadvertently included the hacker responsible for the 2022 $320 million breach, granting them eligibility for a $50,000 token claim. Despite the initial error, the Wormhole team promptly removed the hacker's wallets from the airdrop list, mitigating any potential payout.

Wormhole Hacker Briefly Eligible for Airdrop, Promptly Removed

On April 4, 2023, pseudonymous researcher Pland on X (formerly known as Twitter) exposed a brief lapse in Wormhole's security measures, revealing that wallets connected to the infamous $320 million hack in 2022 were inadvertently added to the list of eligible users for its W token airdrop.

The revelation stemmed from an analysis of Wormhole's airdrop eligibility process, which indicated that four wallets linked to the 2022 hack were initially marked as eligible for claiming the airdropped W tokens. Had the hackers exploited this oversight, they could have potentially claimed approximately $50,000 worth of the newly launched cryptocurrency.

However, a subsequent check of the affected wallet addresses on the Wormhole website confirmed that the team had swiftly addressed the issue and removed them from the eligibility list. The Solana Block Explorer has also flagged the four wallets for their involvement in the 2022 breach, providing further evidence of their malicious intent.

The Wormhole hack remains a pivotal event in the history of cryptocurrency, with the stolen funds ranking among the largest breaches in the sector. The incident prompted a counter-exploit by decentralized finance platform Oasis.app and infrastructure firm Jump Crypto, which successfully recovered approximately $225 million in digital assets from the hacker.

Wormhole's decision to distribute over 617 million W tokens to eligible users has raised concerns regarding potential security risks. Blockchain sleuth ZachXBT on X has issued warnings about the proliferation of scammers and hackers exploiting the airdrop to target unsuspecting users.

ZachXBT has identified numerous fake X handles sporting gold checkmarks, commonly associated with verified accounts. He emphasizes that these handles are often used by scammers to lure users into clicking phishing links, potentially exposing them to financial loss.

Wormhole's prompt removal of the compromised wallets from the airdrop eligibility list has mitigated the potential impact of this security lapse. However, the broader concerns raised by the airdrop and the ongoing presence of malicious actors underscore the critical importance of vigilance and caution within the cryptocurrency community.