Near’s Rainbow Bridge is attacked for the second time


NEAR’s Rainbow Bridge has been hacked. Fortunately there was no property damage to the protocol. Notably, the hacker lost 5 ETH.

Much luckier than Ronin network or Wormhole, this hack of the Rainbow bridge on Near Protocol has no property damage to the project side.

On the evening of May 22, Alex Shevchenko – CEO of Aurora announced that the hacker had failed when trying to attack the Rainbow bridge and lost 5 ETH (7,000 USD).

The idea of ​​the attack is to send pre-made “fake blocks” from the client application.

Specifically, this hacker sent a “fake” NEAR block to the Rainbow Bridge contract. During the transaction, this person must deposit funds (5 ETH) to become a valid Rainbow Bridge relayer. successfully displayed at 4:49pm (August 20).

This guy timed the front run relayer of the bridge but received a humiliating failure.

Hacker lost 5 ETH. Source: Etherscan.

Later, the bridge watchdog discovered that the submitted block was not in the NEAR Protocol blockchain and signaled to Ethereum. The Aurora team immediately discovered this anomaly. They have suspended the connection ports to check and then bring the network back to normal.

The attack was neatly handled within 31 seconds by a special automated mechanism that used mev bots to front running watchdogs transactions. Thanks to that, the attack was completely stopped, and this “unlucky” hacker also lost 5 ETH in the transaction initiation fee.

According to CEO Aurora, this attack is exactly the same as the hack in early May. At that time, the hacker lost 2.5 ETH.

Rainbow Bridge is a cross-chain bridge that allows users to transfer assets between the Ethereum, NEAR, and Aurora networks. Rainbow is built by the Aurora Labs team and provides a good user experience.

Bridge attacks have been on the rise in recent months. The largest of these cases was the theft of more than $600 million in Ronin Bridge.

Source MarginATM


Please enter your comment!
Please enter your name here