Crypto bridges have become a hot target for nefarious actors. However, not all malicious attackers make away with millions in stolen digital assets. Some actually lose money during their DeFi exploit attempts.
Such an incident happened over the weekend when the Near Protocol’s Rainbow Bridge was able to thwart hackers successfully.
Another Successful Bridge Defense
Hackers tried to exploit Near Protocol’s Rainbow Bridge yet again over the weekend. Similar to the first attempt in May, automated security processes intercepted the attack in under 31 seconds, the CEO of Aurora Labs Alex Shevchenko, announced on Monday.
🧵 on the Rainbow Bridge attack during the weekend
TL; DR: similar to May attack; no user funds lost; attack was mitigated automatically within 31 seconds; attacker lost 5 ETH. pic.twitter.com/clnE2l8Vgz
— Alex Shevchenko 🇺🇦 (@AlexAuroraDev) August 22, 2022
Cross-chain bridges enable interoperability across blockchains. The Rainbow bridge allows users to move funds between the Near Protocol, Ethereum, and Aurora through smart contracts.
According to Shevchenko, the hacker submitted a falsified Near block to the Rainbow bridge and put up the required safe deposit of 5 ether Saturday morning. The hacker was probably hoping that the early-morning weekend attack would have been difficult to mitigate.
But Rainbow’s automated watchdogs fended off the malicious transaction, leading to the hacker losing their 5 ETH deposit, equivalent to roughly $8,000 at the time. No user funds were lost in the attempted exploit.
Shevchenko advised the attacker to focus on doing good for the community by working on bug bounties instead of pilfering users’ funds and having a rough time trying to launder the ill-gotten assets.
Cross-Chain Bridge Thefts On The Rise
As the cross-chain space is in a period of nascence, exploits have become rife. This year alone, $2 billion worth of cryptocurrency has been fleeced in bridge hacks. This figure accounts for around 69% of all stolen crypto funds in 2022.
Earlier this month, Nomad bridge suffered a loss of nearly $200 million after an easily-replicable exploit allowed multiple attackers to swipe funds from the protocol.
Additionally, $625 million was stolen from Axie Infinity’s Ronin bridge in March, and last month, Harmony’s Horizon bridge was exploited for around $100 million in various tokens. The Ronin exploiters reportedly converted a portion of the stolen assets from ETH to BTC and used coin mixers ChipMixer and Blender to further conceal their identities.
Aurora rewarded a whitehat hacker $6 million last month for discovering a vulnerability that could have put more than $250 million of funds at risk. This was arguably one of the largest bounties ever paid out for a crypto vulnerability.