Allbridge, a multichain token bridge, suffered a hack resulting in a $573,000 loss, as an individual exploited its BNB Chain pools swap price.
To incentivize the attacker to return the stolen funds and help improve the security of the platform, Allbridge has offered a bounty and legal immunity to the hacker if they come forward as a white hat.
Allbridge has also announced that it is developing a web interface to allow liquidity providers to withdraw their assets, following the recent exploit on its multichain token bridge. Allbridge is actively tracking the stolen funds, monitoring wallets, transactions, and linked CEX accounts through collaboration with partners and the community. Allbridge has requested the hacker to contact them through official channels to discuss the bounty in exchange for returning the funds.
The company has also announced that it’s working with law enforcement, law firms, and other affected projects to track down the attacker.
Blockchain security firm CertiK offered an in-depth analysis of the hack, identifying it as a flash loan attack. The attacker took a $7.5 million BUSD flash loan, then initiated a series of swaps for USDT, manipulating the price of USDT in the pool, and allowing the hacker to swap $40,000 of BUSD for $789,632 USDT.
This attack is part of a growing trend in March, which saw 26 crypto projects hacked, with total losses of $211 million, according to a tweet by PeckShield.
Euler Finance’s hack on March 13 made up over 90% of the total losses, and other projects that suffered costly attacks last month include Swerve Finance, ParaSpace, and TenderFi.
