Attacker gained access to wormhole and created an exploit that allowed to withdrawal over $250 million. This is the ethereum address that attacker used after bridging from solana. The attacker still holds solana in original exploit address CxegPrfn2ge5dNiQberUrQJkHCcimeR4VXkeawcFBBka.