Allbridge attack: Exploiter returns majority of stolen $573K

Allbridge attack: Exploiter returns majority of stolen $573K

A large portion of the approximately $573,000 stolen from Allbridge has been returned to the project after the hacker seemingly accepted the offer of a “white hat bounty.” Allbridge is a multichain token bridge, and the attack took place on April 1, 2023, when the BNB Chain pools swap price was being manipulated by an individual acting as a liquidity provider and swapper. Blockchain security firm Peckshield was the first to identify the attack and warn Allbridge about it through a tweet.

Allbridge has not disclosed the exact amount that was stolen, but it is close to $550,000, according to blockchain security firm CertiK, while PeckShield stated that the exploit netted $282,889 in BUSD and $290,868 worth of Tether, totaling roughly $573,000. The hacker has returned 1,500 BNB (worth around $465,000) to Allbridge, and the remaining funds will be considered a white hat bounty to this person.

All the received BNB was converted to Binance USD (BUSD), a stablecoin, to be used as compensation. Allbridge has also revealed that a second address used the same exploit, and the wallet currently contains 0.97 BNB, valued at around $300. The project has asked the second exploiter to reach out and discuss the return of the funds.

Following the exploit, Allbridge offered the attacker a bounty and a chance to escape any legal ramifications. The company was working with a wide variety of organizations to retrieve the stolen funds. BNB Chain was one of those who answered the call to arms and discovered at least one of the culprits involved through on-chain analysis. According to BNB Chain, it’s actively supporting the Allbridge team on the fund recovery and gave a shout-out to AvengerDAO for its efforts in the recovery.

Conclusion

Allbridge suffered an attack resulting in a significant loss of funds, but the company’s quick response and offer of a white hat bounty seemed to have paid off, with the hacker returning a large portion of the stolen funds. The incident highlights the need for companies to take proactive measures to secure their assets and be prepared to act swiftly in the event of an attack.

• Allbridge suffered an attack resulting in a loss of approximately $573,000.
• The hacker returned 1,500 BNB, worth around $465,000, after accepting the offer of a “white hat bounty.”
• Allbridge converted the received BNB to Binance USD (BUSD) to be used as compensation.
• Allbridge has yet to disclose how much was stolen, but it is close to $550,000, according to CertiK.
• The project is working with a wide variety of organizations to retrieve the stolen funds.

While Allbridge has not yet disclosed the full extent of the damage caused by the attack, the fact that the hacker has returned a significant amount of the stolen funds is a positive development. The project’s offer of a white hat bounty appears to have played a crucial role in persuading the attacker to return the funds, which highlights the importance of collaboration and dialogue in resolving such incidents.

Allbridge’s proactive response to the attack and its efforts to recover the stolen funds demonstrate the company’s commitment to ensuring the security and integrity of its platform. However, the incident is a stark reminder of the ongoing threat posed by hackers and the need for companies to remain vigilant and take appropriate measures to protect their assets.

It remains to be seen whether the second exploiter will come forward to discuss the return of the stolen funds. However, Allbridge’s willingness to engage with the hacker and offer a bounty may encourage them to do so and help bring the incident to a satisfactory conclusion.

Final Thoughts

The Allbridge attack is a reminder that no platform is entirely immune to security breaches, and even the most robust security measures may not always be enough to prevent an attack. However, the incident also shows that proactive measures, such as offering a white hat bounty, can help mitigate the damage caused by an attack and encourage hackers to return stolen funds.

Ultimately, the key to preventing such attacks is ongoing vigilance, collaboration, and a willingness to adapt and evolve in response to emerging threats. By working together and taking proactive measures to protect their platforms and assets, companies can help minimize the risk of security breaches and ensure the safety and security of their users and stakeholders.