Shibarium, the Ethereum-based Layer 2 scaling solution built around the Shiba Inu ecosystem, has suffered a major security breach, leading to the loss of about $2.4 million in assets. The drain attack has since prompted intense immediate emergency responses.

Hacker Uses Bridge Funds To Seize 4.6M BONE

In an X post on September 13, the development team behind the Shiba Inu (SHIB) token revealed that a hacker leveraged funds from an earlier bridge hack to acquire 4.6 million BONE tokens in a single block, mimicking a flash loan-style transaction. This maneuver temporarily granted the malicious actor significant validator voting power to sign a malicious state on the Shibarium network, where BONE functions as the governance token.

Notably, the flash loan-like transactions were settled using assets transferred directly from the bridge in the form of 224.57 Ethereum (ETH) ($1.05 million) and 92.6 billion SHIB ($1.30 million). However, the BONE tokens remain locked with validators due to staking mechanisms, preventing the attacker from withdrawing them immediately.

Nevertheless, the validator compromise highlighted a critical issue for the Ethereum layer 2 solution. The Shiba Inu team notes that evidence suggests that 10 of 12 validators’ signing keys were breached, leaving only K9 Finance and Unification validators resisting the malicious signing attempt.

In addition, other assets, including LEASH ($645,000), ROAR ($284,000), TREAT ($50,000), BAD ($17,000), and SHIFU ($10,000), were also drained but have not been sold. Meanwhile, the hacker’s attempt to offload approximately $700,000 worth of stolen KNINE to

Go to Source to See Full Article
Author: Semilore Faleti