Attacker Lost 2.5 ETH Due To A Failed Attack On The NEAR Protocol Rainbow Bridge.
On May 1, the NEAR Protocol Rainbow Bridge was attacked. According to Aurora Labs CEO Alex Shevchenko, no assets were stolen, and the attacker even lost some money.
He also revealed the attacker’s address, who began with some ETH sent using Tornado Cash. The attack started on May 1, when the attacker used a contract to deposit money in order to become a Rainbow Bridge relayer. The plan was to send made-up light client blocks. Additional measures will be adopted, according to Shevchenko, to ensure that the cost of an attack increases.
After a while, one of the bridge watchdogs realized the submitted block wasn’t on the NEAR Protocol blockchain and issued a challenge transaction to Ethereum. In his tweet, Shevchenko explains:
“As a result, watchdog transaction failed, MEV bot transaction succeeded and rolled back the fabricated block of the attacker. Some min after this, our relayer submitted a new block:”
In his extensive Twitter thread, Shevchenko goes into much more technical detail about the incident. However, he emphasizes that programs would be focused on security measures.
“I wish everyone who is innovating in the blockchain to pay enough attention to security and robustness of their products through all the available means: automatic systems, notifications, bug bounties, internal and external audits.”
Rainbow Bridge is a cross-chain bridge that allows users to send and receive funds between the Ethereum, NEAR, and Aurora networks. Aurora Labs created it, and it is well-known for its user experience.
Bridge attacks have become more common in recent months. The largest of these was the hack of Ronin Bridge, which resulted in the theft of $615 million. Other attacks include Meter and Wormhole.
Given the large sums of money involved, the DeFi sector is a tempting target for hackers. Hackers stole nearly $1.22 billion from the DeFi space in the first three months of 2022 alone. That’s roughly eight times what it was in the same period the previous year.
Shevchenko emphasizes the need of developers focusing on security for this reason. Attackers will be more inclined to carry out an attack as more money pours in. Long-term success will be determined by security measures and audits.
DISCLAIMER: The Information on this website is provided as general market commentary and does not constitute investment advice. We encourage you to do your own research before investing.
Join CoinCu Telegram to keep track of news: https://t.me/coincunews
Follow CoinCu Youtube Channel | Follow CoinCu Facebook page
Patrick
CoinCu News