Hacker Loses 5 ETH (~$8,000) In Failed Attack on NEAR Rainbow Bridge

Updated by Kyle Baird
In Brief
  • A hacker lost 5 ETH in a failed attack on the NEAR protocol Rainbow Bridge.
  • No user funds were lost, said Aurora Labs CEO Alex Shevchenko.
  • Aurora's "automated watchdogs" mitigated the attack "within 31 seconds."
  • promo

    Developing the Next-generation DAO Operating System Read Now

Aurora Labs CEO Alex Shevchenko said that on Aug. 22 a hacker lost 5 Ethereum (ETH) in a failed attack on the NEAR/ETH Rainbow Bridge over the weekend. No user funds were lost.

Shevchenko said the attack “was mitigated automatically within 31 seconds,” highlighting what looks like an effective mechanism to safeguard user funds on the bridge.

It comes as hackers pilfered nearly $2 billion from the DeFi industry during the first six months of this year, according to Chainalysis.

Aurora ‘watchdogs’ prevent Rainbow Bridge attack

The Rainbow Bridge allows users to transfer tokens between ETH, NEAR, and the Aurora networks. It was created by Aurora, the Ethereum-compatible scaling solution built on the NEAR blockchain.

Users can send ERC-20 assets directly from MetaMask or other Web3 wallets to NEAR wallets and applications, and vice versa.

The bridge “is based on trustless assumptions with no selected middleman to transfer messages or assets between chains.” Because of this, anyone can interact with its smart contracts, “usually with bad intentions.”

Shevchenko said cybercriminals cannot, however, submit “incorrect” information due to the need for “a consensus of NEAR validators,” which protect against the potential loss of all funds on the bridge.

“If someone tries to submit incorrect information, then it would be challenged by independent watchdogs, who also observe NEAR blockchain,” he said in a blog post.

Fabricated block creation

Over the weekend, an attacker submitted “a fabricated NEAR block” to the Rainbow bridge, requiring a so-called “safe deposit” of 5 ETH. The transaction was successfully submitted to Ethereum on Aug. 20, at 04:49:19 PM UTC.

Shevchenko said the hacker “was hoping that it would be complicated to react [to] the attack early Saturday morning.”

However, “automated watchdogs challenged the malicious transaction,” resulting in the attacker losing their 5 ETH deposit, valued at about $8,000 at the time.

“The reaction took only 31 seconds,” claimed the Aurora CEO. “After notifications on strange activities, within one hour the team was checking that everything is OK…”

This is not the first time that the Rainbow bridge has been attacked. On May 1, the platform defended an attempt by hackers to siphon funds. Shevchenko said that is “because the bridge architecture was designed to resist such attacks.”

He added that Aurora “discarded” plans to boost security by increasing the safe deposit because that would make the bridge “more permissioned” and less decentralized. Instead, the protocol paid a $6 million bounty to ethical hackers to help secure user funds.

Shevchenko had a special message for the attacker:

“It’s great to see the activity from your end, but if you actually want to make something good, instead of stealing users money and having lots of hard time trying to launder it; you have an alternative — the bug bounty:”

Disclaimer

All the information contained on our website is published in good faith and for general information purposes only. Any action the reader takes upon the information found on our website is strictly at their own risk.