Fake cross-chain transfer message reportedly triggered the exploit.
On-chain data showed funds transferred through a forged bridge payload
Photo Credit: Unsplash/rc.xyz NFT gallery
Verus Protocol's Ethereum bridge was reportedly exploited on Monday. The incident happened when a hacker was able to fraudulently transfer out at least $11.5 million (roughly Rs. 110 crore) in cryptocurrency through a fake cross-chain transfer message. On-chain security platform Blockaid stated that its detection system had caught this ongoing exploit on the Verus-Ethereum bridge, which includes a transaction on Etherscan showing a transfer of 1,625 Ether (ETH), 147,659 USDC (USDC), and 103.57 tBTC v2. Blockade added that this incident is a resemblance of the $190 million (roughly Rs. 1,829 crore) Nomad Bridge exploit and the $325 million (roughly Rs. 3,129 crore) Wormhole exploit in 2022.
Etherscan shows the wallet has a balance of 5,402 Ether, worth more than $11.4 million (roughly Rs. 110 crore). While blockchain security firm PeckShield also described the transfer as an exploit, with on-chain data showing the funds have since been swapped for Ether. Blockaid further added that the attacker exploited the protocol by duping them into believing the transfer instructions were real, causing the bridge to send funds from its reserves to the attacker's wallet.
ExVul, a blockchain security provider, also arrived at a similar conclusion and said that the attacker used a “forged cross-chain import payload” that went past the bridge's verification flow and resulted in “three attacker-attached transfers to the drainer wallet.” “Cross-chain import proofs must bind every downstream transfer effect to authenticated payload data before execution,” the blockchain security provider further added that “Bridges should add strict payload-to-execution validation, defense in depth around proof verification and pause outbound flows when anomalous imports are detected.”
DeFi platforms and security bridges have been under threat of security breaches for a very long time now. In April, security researcher Taylor Manonan claimed that North Korean IT workers have been infiltrating DeFi platforms for the past 7 years. This includes over 40 DeFi platforms. She further added that seven years of DeFi experience on their resumes is not a lie, cause they have built all the critical protocols that run on each of these DeFi platforms. This data revelation came hours after the Drift Protocol disclosed a $280 million (roughly Rs. 2,696 crore) exploit, which also had a DPRK group behind it.
Another protocol that fell victim to such fraudulent activities was Kelp DAO, which suffered a loss of $293 million (roughly Rs. 2,821 crore). Following this attack, DeFi protocols came together in an attempt to restore the backing of Restaked Ether (rsETH) that was lost due to this hack. The Decentralised platform Aave has called this effort “DeFI United”. Crypto protocols involved also include Mantle, EtherFi Foundation, Golem Foundation, Lido DAO, Ethena, LayerZero, Ink Foundation, and Tyrdo.
Get your daily dose of tech news, reviews, and insights, in under 80 characters on Gadgets 360 Turbo. Connect with fellow tech lovers on our Forum. Follow us on X, Facebook, WhatsApp, Threads and Google News for instant updates. Catch all the action on our YouTube channel.