Malicious entities are targeting cross-chain bridges more frequently than ever before. However, this does not mean that all hackers will be able to walk away with millions through their exploit attempts.
There are some of them who end up losing the money they have in their own wallets and this seems to have happened to a hacker who tried to exploit the Rainbow Bridge.
Hacking attempt failed
The chief executive of Aurora Labs, Alex Shevchenko posted a Twitter thread in which he disclosed the story of a hacker who had attempted to exploit the Rainbow Bridge.
Rather than being successful, the hacker had lost about 5 ether (ETH), which was valued at $8,000 at the time of writing.
The CEO said that the hacker had provided the Rainbow Bridge contract with a falsified NEAR block and had submitted the 5 ether (ETH), which is asked as a safe deposit.
The attacker had apparently believed that the response from the team would be slow over the weekend, so the exploit had been timed to happen on a Saturday.
However, Shevchenko said that despite the hacker’s plans, they had automated watchdogs that had been put into place for fighting off any malicious transactions.
Therefore, they were able to suppress the attempt in about 31 seconds and this meant that the hacker lost their safety deposit as well.
Since the exploit attempts seem to be increasing, the chief executive said that the team of Aurora Labs had considered the idea of increasing the amount needed for safe deposits.
However, he said that they had decided to dump the idea because they do not want to move away from their goal of decentralization and wish to be committed to it.
In addition, Shevchenko also had a message to give to the hacker. He urged the hacker to avoid stealing the money of users and then laundering the stolen assets.
Instead, he suggested that the hacker work on bug bounties and do the community some good. A $6 million bug bounty had been paid by Aurora Labs to an ethical security hacker on June 7th.
This was after the hacker got in touch with the Aurora team and highlighted a critical vulnerability. The team quickly patched the bug, thereby ensuring the safety of user funds.
Had the whitehat hacker decided to take advantage of the vulnerability and exploit the platform, Aurora would have suffered from losses worth $200 million.
The decentralized finance (DeFi) space has seen a number of hacks happen this year alone. Ronin Bridge was also hacked this year and the entities behind the attack transferred the funds stolen into Bitcoin (BTC).
The hackers are taking advantage of privacy tools, such as ChipMixer and Blender, in order to spread out the funds that they stole in the hack in order to outmaneuver the authorities.
Tornado Cash has also been used for the same purpose because of which it was recently sanctioned by the US Treasury Department.