Latest News

Allbridge Offers Bounty to Exploiter Who Stole $573K in Flashloan Attack

The attacker responsible for a $573,000 exploit on the multi-chain token bridge, Allbridge, has been offered the opportunity to come forward as a white hat and receive a bounty by the corporation. Peckshield, a blockchain security firm, first identified the attack on April 1 and warned Allbridge in a tweet that its BNB Chain pools swap price was being manipulated by an individual acting as a liquidity provider and swapper, allowing them to drain the pool of $282,889 in Binance USD $1.00 and $290,868 in Tether $1.00.

Following the hack, Allbridge extended an olive branch to the attacker in the form of an undisclosed bounty and the opportunity to avoid legal implications in a tweet on April 1.

“Please contact us using the official channels (Twitter/Telegram) or send a message through tx so we can consider this a white hat hack and discuss the bounty in exchange for the funds,” Allbridge stated.

Allbridge made it apparent in a separate sequence of tweets that they are hot on the trail of the stolen monies. Allbridge claims to be “tracking the hacker across social networks” with the help of its “partners and community.”

“We continue to monitor the wallets, transactions, and associated CEX accounts of persons engaged in the hack,” the statement continued. Allbridge also indicated that it is collaborating with law firms, law enforcement, and other projects that have been impacted by the exploiter. According to Allbridge, the bridge protocol has been temporarily paused to prevent potential exploits of its other pools; it will be restarted after the vulnerability has been corrected. “We are also in the process of deploying a web interface for liquidity providers to enable asset withdrawal,” it added.

In an April 1 publication, blockchain security firm CertiK provided an in-depth explanation of the hack, characterizing the method used as a flashloan attack. Certik claimed that the attacker obtained a $7.5 million BUSD flashloan, then launched a series of swaps for USDT prior to deposits in BUSD and USDT liquidity pools on Allbridge, distorting the price of USDT in the pool, allowing the hacker to exchange $40,000 of BUSD for $789,632 USDT.

According to a March 31 tweet from PeckShield, 26 crypto projects were hacked in March, resulting in a total loss of $211 million.

Almost 90% of the damages were caused by a March 13 attack at Euler Finance, although costly vulnerabilities were experienced by enterprises like as Swerve Finance, ParaSpace, and TenderFi.


Crypto products and NFTs are unregulated and can be highly risky. There may be no regulatory recourse for any loss from such transactions. Crypto is not a legal tender and is subject to market risks. Readers are advised to seek expert advice and read offer document(s) along with related important literature on the subject carefully before making any kind of investment whatsoever. Crypto market predictions are speculative and any investment made shall be at the sole cost and risk of the readers.