{"id":66152,"date":"2022-08-22T18:24:54","date_gmt":"2022-08-22T15:24:54","guid":{"rendered":"https:\/\/forklog.com\/en\/?p=66152"},"modified":"2025-09-06T23:51:36","modified_gmt":"2025-09-06T20:51:36","slug":"hackers-failed-rainbow-bridge-cross-chain-attack-costs-him-5-eth","status":"publish","type":"post","link":"https:\/\/u1f987.com\/en\/hackers-failed-rainbow-bridge-cross-chain-attack-costs-him-5-eth\/","title":{"rendered":"Hacker\u2019s failed Rainbow Bridge cross-chain attack costs him 5 ETH"},"content":{"rendered":"<p>The Rainbow Bridge cross-chain bridge successfully repelled an attack by an unknown hacker, which he attempted on August 20. This was disclosed by Aurora Labs CEO Alex Shevchenko.<\/p>\n<blockquote class=\"twitter-tweet\">\n<p lang=\"en\" dir=\"ltr\">\ud83e\uddf5 on the Rainbow Bridge attack during the weekend<br \/>TL; DR: similar to May attack; no user funds lost; attack was mitigated automatically within 31 seconds; attacker lost 5 ETH. <a href=\"https:\/\/t.co\/clnE2l8Vgz\">pic.twitter.com\/clnE2l8Vgz<\/a><\/p>\n<p>\u2014 Alex Shevchenko \ud83c\uddfa\ud83c\udde6 (@AlexAuroraDev) <a href=\"https:\/\/twitter.com\/AlexAuroraDev\/status\/1561692371833667585?ref_src=twsrc%5Etfw\">August 22, 2022<\/a><\/p><\/blockquote>\n<p> <script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p>The attacker sent a forged NEAR block, for which a deposit of 5 ETH (more than $7,850 at the time of writing) was required. According to Shevchenko, the unknown attacker expected that on Saturday morning it would be difficult for the developers to respond to the attack.<\/p>\n<blockquote class=\"twitter-tweet\">\n<p lang=\"en\" dir=\"ltr\">6\/15 The transaction was successfully submitted in the Ethereum blockchain in the block 15378741 on Aug-20-2022 04:49:19 PM +UTC.<br \/>Note the time of attack: an attacker was hoping that it would be complicated to react on the attack early Saturday morning.<\/p>\n<p>\u2014 Alex Shevchenko \ud83c\uddfa\ud83c\udde6 (@AlexAuroraDev) <a href=\"https:\/\/twitter.com\/AlexAuroraDev\/status\/1561692388401156097?ref_src=twsrc%5Etfw\">August 22, 2022<\/a><\/p><\/blockquote>\n<p> <script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p>The system automatically rejected the forged block 31 seconds after the transaction was submitted. As a result the hacker lost his deposit; users&#8217; funds remained safe.<\/p>\n<p>Shevchenko added that a similar attack had been attempted on May 1. He suggested that the attacker participate in the bug-bounty program for the NEAR network&#8217;s Layer-2 protocol rather than \u201cstealing users&#8217; funds and spending time trying to launder them.\u201d<\/p>\n<blockquote class=\"twitter-tweet\" data-conversation=\"none\">\n<p lang=\"en\" dir=\"ltr\">14\/15 And forth, dear attacker, it&#8217;s great to see the activity from your end, but if you actually want to make something good, instead of stealing users money and having lots of hard time trying to launder it; you have an alternative \u2014 the bug bounty:<a href=\"https:\/\/t.co\/w67Y5AhRoH\">https:\/\/t.co\/w67Y5AhRoH<\/a><\/p>\n<p>\u2014 Alex Shevchenko \ud83c\uddfa\ud83c\udde6 (@AlexAuroraDev) <a href=\"https:\/\/twitter.com\/AlexAuroraDev\/status\/1561692661110620165?ref_src=twsrc%5Etfw\">August 22, 2022<\/a><\/p><\/blockquote>\n<p> <script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p>The NEAR Protocol <a href=\"https:\/\/u1f987.com\/en\/news\/near-protocol-developers-launch-ethereum-layer-2-protocol\">launched the L2 protocol Aurora<\/a> to interact with Ethereum in May 2021.<\/p>\n<p>In May 2022 <a href=\"https:\/\/u1f987.com\/en\/news\/aurora-team-launches-90-million-fund-to-back-defi-projects\">the Aurora developers opened a fund<\/a> of about $90 million to accelerate DeFi application development. Later, the project 1inch Network <a href=\"https:\/\/u1f987.com\/en\/news\/1inch-announces-integration-with-aurora\">announced the integration<\/a> with the Ethereum Virtual Machine.<\/p>\n<p>In August, Matt Henderson, head of product at Aurora Labs, <a href=\"https:\/\/u1f987.com\/en\/news\/aurora-labs-manager-reveals-crypto-fraud-scheme-involving-otc-trades\">revealed a &#8216;captivating and sophisticated&#8217; scheme<\/a> of fraud involving a cryptocurrency OTC trade, of which he nearly became a victim.<\/p>\n<p>Follow ForkLog&#8217;s Bitcoin news on our <a href=\"https:\/\/telegram.me\/forklog\" target=\"_blank\" rel=\"nofollow noopener\">Telegram<\/a> \u2014 cryptocurrency news, prices and analytics.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>The Rainbow Bridge cross-chain bridge successfully repelled an attack by an unknown hacker, which he carried out on August 20. This was disclosed by Aurora Labs CEO Alex Shevchenko.<\/p>\n","protected":false},"author":1,"featured_media":66153,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"select":"1","news_style_id":"1","cryptorium_level":"","_short_excerpt_text":"","creation_source":"","_metatest_mainpost_news_update":false,"footnotes":""},"categories":[3],"tags":[1154,1216],"class_list":["post-66152","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news-and-analysis","tag-crimes","tag-near-cryptocurrency"],"aioseo_notices":[],"amp_enabled":true,"views":"19","promo_type":"1","layout_type":"1","short_excerpt":"","is_update":"","_links":{"self":[{"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/posts\/66152","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/comments?post=66152"}],"version-history":[{"count":1,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/posts\/66152\/revisions"}],"predecessor-version":[{"id":66154,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/posts\/66152\/revisions\/66154"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/media\/66153"}],"wp:attachment":[{"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/media?parent=66152"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/categories?post=66152"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/tags?post=66152"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}