Trusted

Failed Attack on NEAR Protocol Rainbow Bridge Cost Attacker 2.5 ETH

2 mins
Updated by
Join our Trading Community on Telegram

In Brief

  • The attacker started with ETH sent through Tornado Cash.
  • The attack failed, and no funds were lost.
  • CEO reminded developers to take strong security measures.
  • promo

The NEAR Protocol Rainbow Bridge was attacked on May 1. No funds have been stolen, and the attacker even lost some money, according to the CEO of Aurora Labs, Alex Shevchenko.

Shevchenko added that additional measures will be taken to ensure that the cost of an attack would increase.

He also posted the address of the attacker, who started with some ETH sent through Tornado Cash. The attempt began on May 1, with the attacker deploying a contract meant to deposit some funds to become a Rainbow Bridge relayer. The attack idea was to send made-up light client blocks.

After a while, one bridge watchdog discovered that the submitted block was not in the NEAR Protocol blockchain and sent a challenge transaction to Ethereum. Shevchenko explains in his tweet,

“As a result, watchdog transaction failed, MEV bot transaction succeeded and rolled back the fabricated block of the attacker. Some min after this, our relayer submitted a new block:”

Shevchenko explains the incident in much more technical detail in his lengthy Twitter thread. He stresses, however, that projects would focus on security measures,

“I wish everyone who is innovating in the blockchain to pay enough attention to security and robustness of their products through all the available means: automatic systems, notifications, bug bounties, internal and external audits.”

Rainbow Bridge is a cross-chain bridge that lets users transfer assets between the Ethereum, NEAR, and Aurora networks. It was built by Aurora Labs and is known for its user experience.

No respite for DeFi

Attacks on bridges have been on the rise in recent months. The largest of these was the hack of Ronin Bridge, which saw $615 million stolen. Other attacks include Meter and Wormhole.

The DeFi market is an attractive target for hackers, given so much money is flowing in. In the first three months of 2022 alone, hackers have stolen over $1.22 billion from the DeFi space. That’s nearly eight times as much as the same period last year.

It’s for this reason that Shevchenko is stressing that developers focus on security. As more money comes in, attackers will only be more tempted to carry out an attack. Security measures and audits will become paramount to long-term success.

🎄Best crypto platforms in Europe | December 2024
eToro eToro Explore
Coinrule Coinrule Explore
Uphold Uphold Explore
Coinbase Coinbase Explore
3Commas 3Commas Explore
🎄Best crypto platforms in Europe | December 2024
eToro eToro Explore
Coinrule Coinrule Explore
Uphold Uphold Explore
Coinbase Coinbase Explore
3Commas 3Commas Explore
🎄Best crypto platforms in Europe | December 2024

Disclaimer

In adherence to the Trust Project guidelines, BeInCrypto is committed to unbiased, transparent reporting. This news article aims to provide accurate, timely information. However, readers are advised to verify facts independently and consult with a professional before making any decisions based on this content. Please note that our Terms and ConditionsPrivacy Policy, and Disclaimers have been updated.

Rahul-Nambiampurath.jpg
Rahul Nambiampurath
Rahul Nambiampurath's cryptocurrency journey first began in 2014 when he stumbled upon Satoshi's Bitcoin whitepaper. With a bachelor's degree in Commerce and an MBA in Finance from Sikkim Manipal University, he was among the few that first recognized the sheer untapped potential of decentralized technologies. Since then, he has helped DeFi platforms like Balancer and Sidus Heroes — a web3 metaverse — as well as CEXs like Bitso (Mexico's biggest) and Overbit to reach new heights with his...
READ FULL BIO
Sponsored
Sponsored