November 27, 2022


Arbitrum, a popular Layer 2 solution for Ethereum, was compromised by a white hat hacker on September 19. The hacker discovered a potential vulnerability in Arbitrum’s code. As a result, the network paid out 400 ETH, worth about $560,000.

Over the years, many hacks and exploits have hit the crypto industry to varying degrees. Some hacking incidents are linked to vulnerabilities that hackers discover in crypto networks.

Some white hat hackers settle for a grant from the protocol, while other hackers exploit network vulnerabilities to siphon funds.

The hacker, known as Riptide on Twitter, uncovers flaws in smart contracts written in Solidity. Riptide's discovery came after scanning the Arbitrum Nitro code a few weeks before its release. The hacker wanted to verify the contracts to make sure their update was successful.

Hacker discovers Arbitrum vulnerability in the L1-L2 bridge

After the full update, Riptide picked up some bugs with the bridge that prevented its smooth operation. Finally, the hacker checked some details and discovered a delay in the bridge’s inbox sequencer.

According to Riptide, a user can sign and publish an L1 transaction to the delayed inbox of the Arbitrum chain to send a message to the sequencer. Such a process is mainly applicable when using a bridge to deposit ETH or other tokens.

On rescanning the contract, the hacker discovered a critical vulnerability in it. Riptide noted that the inbox sequencer had a bug that could have made him or a bad actor millions of dollars.

Before being noticed, an attacker could divert incoming ETH deposits on the L1-to-L2 bridge to their own wallet.

After his discovery, Riptide reported the weakness to Arbitrum and requested a reward of only 400 ETH. However, the payout was a surprise, as Arbitrum had already offered a maximum of $2 million.

The Crypto Space and White Hat Hacking

The crypto space has faced several white hat hacks. Such hacks on various platforms are associated with discovering potential vulnerabilities in the network’s smart contracts or code.

Jay ‘Saurik’ Freeman, an employee of the DeFi VPN protocol Orchid, reported a vulnerability to Optimism, an Ethereum L2 scalability solution. As a result, the protocol rewarded Freeman with $2 million.


Also, Coinbase paid $250,000 in mid-February to a hacker known as ‘Tree of Alpha’. The hacker discovered a flaw in the crypto exchange’s ‘advanced trading’ feature, saving it nearly a billion dollars in losses. Coinbase reports that the payment is the largest of its kind in its history.

Note that in March 2022, Arbitrum suffered an exploit due to hacking and lost 100 NFTs from TreasureDAO. The tokens were worth about $1.4 million at the time of the incident.
