- Hacker drained the pool of $282,889 in BUSD and $290,868 worth of Tether USDT.
- CertiK explained the breach and revealed that a flashloan attack had been utilized.
Allbridge has given the hacker who was responsible for a $573,000 vulnerability on its multichain token bridge an opportunity to reveal themselves as white hats and collect a reward. A person posing as a liquidity provider and swapper drained the pool of $282,889 in Binance USD (BUSD) and $290,868 worth of Tether USDT, according to a tweet from blockchain security company Peckshield, which first noticed the incident on April 1.
After the hack on April 1, Allbridge took to Twitter to extend an olive branch to the perpetrator by offering them a bounty and the possibility of avoiding legal repercussions. Allbridge pleaded with the hacker to refund the stolen money by contacting them through proper methods (Twitter/Telegram) or sending a message via tx.
Please contact us via the official channels (Twitter/Telegram) or send a message through tx, so we can consider this a white hat hack and discuss the bounty in exchange for returning the funds.
— Allbridge (@Allbridge_io) April 2, 2023
Bridge Protocol Disabled For Now
Allbridge confirmed their pursuit of the missing money in a separate series of tweets. Allbridge claims to be “tracking the hacker through social networks” with the assistance of its “partners and community.” The wallets, transactions, and associated CEX accounts of those engaged in the breach are still being monitored, it said.
Allbridge also indicated that it is collaborating with legal firms, law enforcement, and other impacted projects in order to bring the exploiter to account. For the time being, Allbridge has disabled its bridge protocol to protect its other pools from future attacks. The service will be restored when the flaw has been fixed.
In a detailed blog post published on April 1, blockchain security company CertiK explained the breach and revealed that a flashloan attack had been utilized.
