WEB3

Allbridge Hack Response: Bridge Locked, White Hat Bounty, LPs Opened for Withdrawals

by BSCN

April 3, 2023

chain

Security firms, BNB Chain step up to help Allbridge respond to $570,000 exploit.

$570K Taken From BNB Chain Pools

The Allbridge team has pulled out all the stops to address an exploit that drained $570,000 from the bridge protocol’s BNB Chain liquidity. That includes offering a white hat bounty to the hacker, who they say has been identified, locking the protocol’s bridge and reopening liquidity pools for users to recover their funds.

As BSC News reported, a hacker attacked the Allbridge Core protocol’s BUSD/USDT pools by manipulating the pool’s BUSD price and then draining the pool funds.

The Allbridge team responded by closing the bridge and pursuing an investigation of the incident, aided by security entities such as PeckShield, Hacken and HAPI Labs.

“Firstly, we propose a white hat bounty for the recovered assets. Legal action will not be pursued against the white hat,” Allbridge said.

The official BNB Chain account tweeted that, thanks to AvengerDAO, the hacker had been identified. BscScan data pinpoints a wallet labeled as “UF Dao Hacker,” stemming from a January exploit of another protocol of some $90,000.

Since the exploit, the attacker has been busy sending funds to and through a variety of protocols, wallets and accounts, including Centralized Exchange hot wallets and Tornado Cash. HAPI posted a graphic showing the flow of assets.

“With this information we contacted exchanges in question and the process of freezing CEX accounts of the perpetrator has begun. This is the first step to retrieve lost assets!” HAPI tweeted

As of the time of publication, Allbridge’s response involved the following:

  • Closing the Allbridge Core Bridge
  • Reopening the bridge’s liquidity provision until the end of the week so that liquidity providers can withdraw their assets
  • At the end of the week, pools will be closed and a recovery pool will be created to compensate victims
  • Offering a white hat bounty to the attacker in exchange for protection from prosecution.

What Is Allbridge:

Allbridge describes itself as a simple, modern, and reliable way to transfer assets between different networks. It is a bridge between both EVM (Like Ethereum, Polygon, BSC) and non-EVM compatible (like Solana, Terra) blockchains, that aims to cover L2 (like Arbitrum, Optimism) solutions and NFT transfers in the future.

Allbridge’s mission is to make the blockchain world borderless and provide a tool to freely move assets between different networks.

Website | Twitter | Docs |

;