Failed Attack on NEAR Protocol Rainbow Bridge Cost Attacker 2.5 ETH

2 mins
2 May 2022, 07:00 GMT+0000
Updated by Levy Prata
4 May 2022, 15:32 GMT+0000
In Brief
  • The attacker started with ETH sent through Tornado Cash.
  • The attack failed, and no funds were lost.
  • CEO reminded developers to take strong security measures.
  • promo

The NEAR Protocol Rainbow Bridge was attacked on May 1. No funds have been stolen, and the attacker even lost some money, according to the CEO of Aurora Labs, Alex Shevchenko.

Shevchenko added that additional measures will be taken to ensure that the cost of an attack would increase.

He also posted the address of the attacker, who started with some ETH sent through Tornado Cash. The attempt began on May 1, with the attacker deploying a contract meant to deposit some funds to become a Rainbow Bridge relayer. The attack idea was to send made-up light client blocks.

After a while, one bridge watchdog discovered that the submitted block was not in the NEAR Protocol blockchain and sent a challenge transaction to Ethereum. Shevchenko explains in his tweet,

“As a result, watchdog transaction failed, MEV bot transaction succeeded and rolled back the fabricated block of the attacker. Some min after this, our relayer submitted a new block:”

Shevchenko explains the incident in much more technical detail in his lengthy Twitter thread. He stresses, however, that projects would focus on security measures,

“I wish everyone who is innovating in the blockchain to pay enough attention to security and robustness of their products through all the available means: automatic systems, notifications, bug bounties, internal and external audits.”

Rainbow Bridge is a cross-chain bridge that lets users transfer assets between the Ethereum, NEAR, and Aurora networks. It was built by Aurora Labs and is known for its user experience.

No respite for DeFi

Attacks on bridges have been on the rise in recent months. The largest of these was the hack of Ronin Bridge, which saw $615 million stolen. Other attacks include Meter and Wormhole.

The DeFi market is an attractive target for hackers, given so much money is flowing in. In the first three months of 2022 alone, hackers have stolen over $1.22 billion from the DeFi space. That’s nearly eight times as much as the same period last year.

It’s for this reason that Shevchenko is stressing that developers focus on security. As more money comes in, attackers will only be more tempted to carry out an attack. Security measures and audits will become paramount to long-term success.


BeInCrypto has reached out to company or individual involved in the story to get an official statement about the recent developments, but it has yet to hear back.