On August 22, Alex Shevchenko, CEO of Aurora Labs shared the incident of malicious activity via tweet. The incident happened on the Rainbow Bridge with the hacker losing 5 ETH with no user’s funds lost.
As per Shevchenko, the hacker has introduced a false NEAR block in the Rainbow Bridge contract and submitted the request of 5 ETH for safe deposit.
The hacker planned the malicious activity on August 20, assuming the team would be slow to respond during the weekdays. Alex also highlighted that there were programmed guard dogs that cancel out suspicious transactions. The attack was terminated within 31 seconds, prompting the attacker to lose their deposit.
Due to an increase in hacking activity, the CEO noticed that the team is thinking about increasing the amount required for safe deposits. However, the thought was dropped to keep the team to remain focused on the motive of decentralisation.
Moreover, Aurora Labs CEO requested the hacker to take a stab at accomplishing something useful for the community by dealing with bug bounties despite stealing users’ funds and experiencing difficulty in attempting to wash stolen assets.
Aurora Labs rewarded a security hacker with a bug bounty of $6 million for pointing out the weakness of the network to the Aurora team. The bug was instantly fixed and user funds were secured.
Moreover, if the whitehat programmer decided to exploit the network more than $200 million can be robbed.
The malicious entities that perform the hack of Ronin Bridge have moved the robbed funds into Bitcoin.
Moreover, the programmer is still attempting to spread out the funds taken by using privacy tools such as ChipMixer and Blender to outsmart the authorities.