The NEAR Protocol Rainbow Bridge was attacked on May 1. According to Alex Shevchenko, CEO of Aurora Labs, no funds have been stolen, and the attacker has also lost some money.
Shevchenko said additional measures would be taken to ensure that the cost of the attack would go up.
He also posted the address of the attacker, who started with some ETH sent via Tornado Cash. The effort began on May 1, when the attacker deployed a contract to deposit some funds to become a Rainbow Bridge relayer. The idea of the attack was to send a built-in lightweight client block.
After a while, a bridge watchdog found that the block submitted was not in the NEAR protocol blockchain and sent a challenge transaction to Ethereum. Shevchenko said in his tweet,
“As a result, the watchdog transaction failed, the MEV bot transaction succeeded, and the attacker’s fabricated block was retrieved. A few minutes later, our relayer submitted a new block:”
Shevchenko explained the incident in more technical detail in his lengthy Twitter thread. However, he stressed that the projects would focus on safeguards,
“I want everyone who is innovating in blockchain to pay adequate attention to the security and strength of their products through all available means: automated systems, notifications, bug bounties, internal and external audits.”
Rainbow Bridge is a cross-chain bridge that lets users transfer assets between the Ethereum, NEAR and Aurora networks. It was created by Aurora Labs and is known for its user experience.
No relief for DeFi
Attacks on bridges have increased in recent months. The biggest of these was the Ronin Bridge hack, in which $615 million was stolen. Other attacks include meters and wormholes.
The DeFi market is an attractive target for hackers, considering that there is so much money coming in. In the first three months of 2022 alone, hackers stole more than $1.22 billion from DeFi space. This is almost eight times more than the same period last year.
That is why Shevchenko insists that developers pay attention to security. As more money comes in, attackers will only become more tempted to carry out the attack. Security measures and audits will become paramount to long-term success.