Fraudster lost 2.5 ETH in attempt to attack Rainbow Bridge

According to Aurora Labs CEO Alex Shevchenko, no funds were stolen, and the attacker even lost someof money. Shevchenko also published the address of the attacker, who started by sending some ETH tokens via Tornado Cash.

The fraudster tried to rob the protocol on May 1, whenhe launched a contract meant to contribute some funds to become a Rainbow Bridge repeater. The idea of ​​the attack was to send non-existent light client blocks (user nodes with minimal load).

Some time later, one of the bridge watchers discovered that the sent block was not on the NEAR Protocol blockchain and disputed the transaction.

Shevchenko explains the situation in his tweet:

‎"As a result, the transaction of that observerfailed, while the MEV bot transaction succeeded and rolled back the attacker's fabricated block. A few minutes later, our relay sent a new block.”‎

Shevchenko explains the incident in much more detail in another tweet. However, he emphasizes that projects should focus on establishing even greater security for users:

“I wish everyone who innovates in the blockchain,pay sufficient attention to the safety and reliability of their products through all available means: automated systems, notifications, rewards for errors, internal and external audits.”

Rainbow Bridge is a cross-chain bridge that allows users to transfer assets between the Ethereum, NEAR, and Aurora networks. It was created by Aurora Labs and is known for its user interface.

Attacks on bridges have increased in recent months. The largest of these was the Ronin bridge breach, which resulted in the theft of $615 million. Other attacks also affected Meter and Wormhole.

In the first three months of 2022 alone, hackers stole more than $1.22 billion from the DeFi space. This is almost eight times more than in the same period last year.

</p></p>