Hackers Lose 5 Ether While Trying to Attack Near Protocol’s Rainbow Bridge

Automated security processes caused the attackers to lose money while trying to submit a fabricated transaction on the Rainbow bridge.

AccessTimeIconAug 23, 2022 at 12:08 p.m. UTC
Updated May 11, 2023 at 6:41 p.m. UTC
10 Years of Decentralizing the Future
May 29-31, 2024 - Austin, TexasThe biggest and most established global hub for everything crypto, blockchain and Web3.Register Now

Attackers trying to exploit Near Protocol’s Rainbow bridge lost some 5 ether (ETH), or just over US$8,000 at current rates, over the weekend after automated security processes by the bridge’s validators kicked in and mitigated the threat in under 31 seconds.

Blockchain-based bridges allow users to send and receive tokens between different networks by locking native tokens on either side. Rainbow allows users to send tokens among the Ethereum, Near and Aurora networks and has over $2.3 billion in assets locked on the protocol, data shows.

Rainbow developer Alex Shevchenko said in a note Monday that an attacker submitted a fabricated Near block to the Rainbow bridge contract over the weekend by putting up a “safe deposit” of 5 ether.

That transaction was successfully submitted to the Ethereum network, with the attacker expecting Rainbow developers to be unavailable to mitigate any threats. “[The] attacker was hoping that it would be complicated to react to the attack early Saturday morning,” Shevchenko explained.

The attacker likely intended to fake transactions and trick Rainbow’s smart contracts into releasing locked funds without depositing any initial funds. Such a sophisticated mechanism has previously been used to exploit several blockchain bridges, such as Nomad’s recent $200 million exploit.

But Rainbow’s validators automatically caught the fabricated block that the attacker tried to submit, challenged and blocked the transaction, and took away the safe deposit of 5 ether put up by the attacker.

This was possible because of how the Rainbow bridge works. As a wholly decentralized platform, Rainbow relies on several validators, called bridge relayers, who submit block info on Near blocks to Ethereum. Anyone can submit information to Rainbow, and false information could likely result in a loss of all user funds.

However, this is where the validators step in: They agree on which transactions are genuine by tracking blockchain activity on all networks connected to Rainbow. Incorrect transactions are challenged by independent “watchdogs” who observe the Near blockchain to check for data misfits, with incorrect transactions getting flagged and eventually blocked.

Such a mechanism protects the network from seeing potentially hundreds of millions of dollars in losses, especially as bridge attacks become more commonplace.

In late June, attackers linked to North Korean hacker group Lazarus exploited a vulnerability in Harmony's Horizon Bridge to steal over $100 million. In March, Axie Infinity’s Ronin Network was exploited for over $625 million, while Solana-based cross-chain bridge Wormhole lost over $325 million to attackers in February.

Disclosure

Please note that our privacy policy, terms of use, cookies, and do not sell my personal information has been updated.

The leader in news and information on cryptocurrency, digital assets and the future of money, CoinDesk is an award-winning media outlet that strives for the highest journalistic standards and abides by a strict set of editorial policies. In November 2023, CoinDesk was acquired by Bullish group, owner of Bullish, a regulated, institutional digital assets exchange. Bullish group is majority owned by Block.one; both groups have interests in a variety of blockchain and digital asset businesses and significant holdings of digital assets, including bitcoin. CoinDesk operates as an independent subsidiary, and an editorial committee, chaired by a former editor-in-chief of The Wall Street Journal, is being formed to support journalistic integrity.

Shaurya Malwa

Shaurya is the Deputy Managing Editor for the Data & Tokens team, focusing on decentralized finance, markets, on-chain data, and governance across all major and minor blockchains.


Learn more about Consensus 2024, CoinDesk's longest-running and most influential event that brings together all sides of crypto, blockchain and Web3. Head to consensus.coindesk.com to register and buy your pass now.


Read more about