Blockchain

Aurora Pays $2 Million To Hackers Who Discovered The Bug

Aurora paid $2 million to a pair of hackers who discovered significant flaws.
Aurora Pays $2 Million To Hackers Who Discovered The Bug 4

No user funds were lost as a result of the EVM scaling and bridge solution. The two $1 million bounties were awarded in the company’s native cryptocurrency AURORA and will be paid out in a year’s time. The ImmuneFi bug bounty platform handled the payments.

The vulnerability was identified on June 10 by security company Halborn and was revealed earlier today.

Aurora is a Layer 2 scaling solution and EVM-compatible bridge between the Layer 1 NEAR protocol and Ethereum. The initial vulnerability was caused by Aurora’s use of a separate ERC-20 (fungible token standard) known as NEP-141.

Aurora Pays $2 Million To Hackers Who Discovered The Bug 5

The bridge between the two chains is permissionless, which means that anybody may bridge over any token to any address without their knowledge.

An attacker may have produced a worthless NEP-141 token on NEAR, bridged it to Aurora, and then distributed it to unwitting victims. As a result, attackers would be able to “take ETH from Aurora addresses essentially for free,” according to the report. This is due to the bridge’s ability to charge the recipient or victim a fee denominated in ETH.

Aurora Pays $2 Million To Hackers Who Discovered The Bug 6

The second vulnerability was related to the bridge’s burning feature. Tokens are burnt on one chain and debited on the other when users bridge funds from one network to another.

An assailant may have staged a “fake burn event” without it really happening. This bogus event might then be used to take funds from the Ethereum locker, which is the Aurora bridge’s stored amount of ETH utilized for chain bridging.

DISCLAIMER: The Information on this website is provided as general market commentary and does not constitute investment advice. We encourage you to do your own research before investing.

Join us to keep track of news: https://linktr.ee/coincu

Website: coincu.com

Harold

CoinCu News

Harold

With a passion for untangling the complexities of the financial world, I've spent over four years in financial journalism, covering everything from traditional equities to the cutting edge of venture capital. "The financial markets are a fascinating puzzle," I often say, "and I love helping people make sense of them." That's what drives me to bring clear and insightful financial journalism to the readers of Coincu.

Recent Posts

Crypto Institutional Investors Move To ETFSwap (ETFS) Amid $500 Million Liquidity Injection Expectations

Discover why crypto investors are moving to ETFSwap (ETFS) as $500 million liquidity injection is…

2 hours ago

Buyers Rush to Maximise Gains with BlockDAG’s 100% Bonus Offer; Plus, ETH Holds Strong as Solana Challenges Rivals

Learn about BlockDAG's $110M presale achievement and the whopping 100% bonus offer, alongside Ethereum's growth…

4 hours ago

Thai Police Corruption Case Involving Officers and Extortion

Thai police corruption exposed as officers extort millions in USDT from a Chinese man under…

7 hours ago

SafePal Telegram Wallet Launches with Swiss Bank Accounts and CeDeFi

SafePal Telegram Wallet allows 950 million users to create compliant crypto-friendly Swiss bank accounts, integrating…

8 hours ago

Sheetz Crypto Payments Now Accepted at Over 750 US Locations

Sheetz crypto payments: 750+ US stores now accept Bitcoin, Ethereum, and more, rewarding customers through…

8 hours ago

Zhu Su Wife Sells Singapore Mansion for $38 Million

Zhu Su’s wife sells Singapore mansion for $38.5 million amid heightened financial scrutiny on Three…

9 hours ago

This website uses cookies.