Cryptocurrency firms Oasis, a decentralized finance platform, and Jump Crypto, a Web3 infrastructure company, on the approval of the British High Court, recovered nearly $200 million in stolen crypto funds after launching a major counter-hack against Wormhole attackers.
The Solana-based Wormhole Bridge, which was hacked on Feb. 2, 2022, was considered the second-biggest hack after the “Axie Infinity” Ronin bridge exploit when malicious actors stole around $325 million after they exploited a security flaw.
A year later, a group of white hat operatives, alongside Oasis and Jump Crypto, decided to launch a counter-hack or counter-exploit against Wormhole attackers and successfully recovered a portion of the stolen assets.
While a lot of things have transpired since then, the major breakthrough was when the High Court of England and Wales ordered Oasis on Feb. 21, to do all the necessary measures to recover the assets associated with the exploit, including the wallet address.
The recovery was initiated via Oasis Multisig, with the funds made up of 3,213 RETH and 120,695 WSTETH worth around $198 million removed from malicious actors’ possession and returned to a court-authorized third party.
“On Feb. 21, 2023, we received an order from the High Court of England and Wales to take all necessary steps that would result in the retrieval of certain assets involved with the wallet address associated with the Wormhole Exploit on the 2nd February 2022. This was carried out in accordance with the requirements of the court order, as required by law, using the Oasis Multisig and a court-authorized third party,” Oasis said in a blog post.
“Our team first became aware of the possibility to assist in the retrieval of the assets after a Whitehat group reached out to the team on the evening of Thursday 16th February 2023, which showed it would be possible to retrieve the assets and provided a Proof of Concept on how it could be achieved,” the decentralized finance platform added.
Oasis also assured the crypto community that its use of Oasis Multisig was only for the protection of users’ assets.
“We stress that this access was there with the sole intention to protect user assets in the event of any potential attack, and would have allowed us to move quickly to patch any vulnerability disclosed to us. It should be noted that at no point, in the past or present, have user assets been at risk of being accessed by any unauthorized party,” Oasis clarified.
However, Oasis’ use of a questionable process to recover the stolen funds has divided both crypto and decentralized communities.