In a space where cross-bridge attacks are common and hackers often get away with no penalty, here\u2019s news of a victory\u2014however small. Near Protocol not only managed to block one such attack, but the attackers also lost 5 ETH in the process.<\/p>\n
Hackers tried exploiting Near\u2019s EVM-compatible Rainbow Bridge on 21 August 2022. They failed because the attack was blocked within 31 seconds. No user funds were lost, but the attackers had to part with the deposit they made to implement the attack.<\/p>\n
Near\u2019s Rainbow Bridge allows users to migrate tokens across networks, including Near Protocol, Ethereum, and Aurora. The entire process is trustless and driven by smart contracts.<\/p>\n
What made the attack possible was the fact that anyone, including malicious actors, can interact with smart contracts, owing to their automated design. The attackers thus chose to use smart contracts to propose a false block within this particular blockchain. They planned an early morning attack in the hope that it wouldn\u2019t meet resistance given the time. They simply had to deposit 5 ETH to get the transaction verified.<\/p>\n
Things didn\u2019t go as smoothly as the hackers had hoped, though. The malicious transaction was flagged off, and the attackers lost the deposited ETH in the process.<\/p>\n
\ud83e\uddf5 on the Rainbow Bridge attack during the weekend
TL; DR: similar to May attack; no user funds lost; attack was mitigated automatically within 31 seconds; attacker lost 5 ETH. pic.twitter.com\/clnE2l8Vgz<\/a><\/p>— Alex Shevchenko \ud83c\uddfa\ud83c\udde6 (@AlexAuroraDev) August 22, 2022<\/a><\/blockquote>