bitcoin
Bitcoin (BTC)
$18,942.95
-0.94%24H
ethereum
Ethereum (ETH)
$1,291.57
-3.57%24H
binancecoin
BNB (BNB)
$274.29
-1.34%24H
ripple
XRP (XRP)
$0.501
2.32%24H
cardano
Cardano (ADA)
$0.449
-3.15%24H
solana
Solana (SOL)
$32.93
-2.48%24H
dogecoin
Dogecoin (DOGE)
$0.062
-5.39%24H
shiba-inu
Shiba Inu (SHIB)
$0.000011
-7.15%24H
matic-network
Polygon (MATIC)
$0.747
-3.00%24H

Hacker Loses $8000 Worth Ethereum While Trying To Attack Near Protocol’s Rainbow Bridge

The hacker lost Ethereum 5 in the process, but the Rainbow Bridge, which enables the transmission of cryptographically verifiable data between Near (NEAR) and Ethereum (ETH), has managed to withstand another attack.

The CEO of Aurora Labs, Alex Shevchenko, stated in a blog post on August 22 that a weekend attack on the bridge was promptly nullified within 31 seconds and that no user funds were compromised.

After a malicious attacker submitted a fake NEAR block to the Rainbow Bridge contract, the attack happened. A safe deposit of 5 ETH was needed for the transaction.

According to Shevchenko, “Automated watchdogs were challenging the malicious transaction, which led to an attacker losing his safe deposit.”

The Rainbow Bridge, developed by Aurora as the scaling solution for Ethereum built on the NEAR blockchain, enables users to move tokens across the ETH, NEAR, and Aurora networks.

“No designated middleman is involved in the rainbow bridge’s trustless assumptions to move messages or assets between chains. As a result, anyone, including the NEAR light client, can engage with its smart contracts “explained Shevchenko.

He noted that the information on NEAR blocks is typically sent to Ethereum by the bridge’s relayers, software running on conventional servers that frequently read blocks. However, occasionally some people deliberately submit misleading information.

Shevchenko warned that providing inaccurate information to the NEAR Light Client could result in the loss of all funds on the bridge and said that this action is secured by the consent of all NEAR validators.

Notably, a similar assault on the bridge was attempted on May 1 and was unsuccessful, costing the attacker ETH 2.5. The “bridge architecture was meant to resist such attacks,” Shevchenko claimed at the time.

Shevchenko meanwhile urged hackers to sign up for bug bounty programmes rather than attempting to steal user money. White hat hackers potentially receive up to a $1 million bounty from Aurora in exchange for analysing code and stopping hacks.

He stated, “Dear attacker, it’s fantastic to see the activity happening from your end, but if you genuinely want to accomplish something useful, instead of stealing user funds and having a difficult time attempting to launder it, you have a choice — the bug bounty.”

According to Immunefi, a prominent platform for bug bounty and security services, malicious actors stole over USD 670 million from crypto protocols during the second quarter of the year, at the same time as the unsuccessful attempt on the Rainbow Bridge. In comparison to Q2 2021, when hackers and fraudsters stole USD 440m, this amount has increased by over 50%.

As previously reported, a hacker used Harmony’s Horizon Bridge vulnerability to steal various crypto assets valued at USD 100 million in late June. And before that, hackers stole roughly USD 325 million from the decentralised finance (DeFi) network Wormhole in February, after exploiting the Ronin Network to the extent of USD 600 million.

Mufasa
Mufasa
Mufasa is the lead writer at CryptoMufasa who likes to share all the latest info on the crypto world with you! Mufasa Enjoys enjoys a good read and recommendations so don't forget to comment on the posts and let him know.

Similar Articles

Comments

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Advertisment

Most Popular