UPDATE 13/09/25

What we know so far about the recent incident 👇

How the exploit was executed:
• The attacker used funds from the bridge hack in the same block as the attack to acquire 4.6M BONE to temporarily gain validator voting power, attempting to do it in one transaction like a flash transaction
• With this, they were able to sign a malicious state on Shibarium.
• The flash loan-like transaction was repaid using assets drained from the bridge: 224.57 ETH & 92.6B SHIB.
• Importantly, because the BONE remains delegated to validators, it is currently locked and cannot be withdrawn.

Validator compromise:
• Evidence indicates 10 of 12 validators’ signing keys were compromised.
• Only @K9finance and @UnificationUND validators refused to sign the malicious state.
• Without the flash loan, ($1m BONE bought and delegated in 1 transaction using the hacked funds) the attacker would not have achieved the required 2/3 majority.

Assets affected:
• Bridge assets: 224.57 ETH & 92.6B...

We are aware of the activity flagged by @peckshield and have engaged our internal team and external security partners to investigate thoroughly.
Our priority is the safety of the #ShibArmy. At this time, we are working to confirm the root cause and ensure all possible mitigations are in place.
We are committed to full transparency. A comprehensive report with findings and next steps will be published once the investigation concludes.