Aurora Labs paid white hackers $2 million for bugs found
The project team began working on a long-term and reliable solution to the problems

04.09.2022 - 07:30
441
1 min
0
What’s new? In June, the Aurora Labs team received two reports containing information on the identified critical vulnerabilities. The company paid the authors of these reports remunerations of $1 million each in Aurora tokens (AURORA). Information about this appeared on the team’s blog.
What did the white hackers discover? They discovered the first vulnerability in the operation of the cross-chain bridge, NEAR Rainbow Bridge, to transfer funds between Ethereum and Aurora with NEAR. According to white hackers’ theory, an attacker could force the Aurora Engine to create a fake proof of token burning, provide it to the bridge, and withdraw funds from the vault. The project team has begun working on a long-term, reliable solution based on proof of state.
White hackers also found a vulnerability related to token transfer from Ethereum to Aurora. According to them, the attackers could have sent the recipient wrapped tokens and charged a fee of up to 18,4 ETH.
What is known about Aurora? It is an EVM blockchain based on the NEAR protocol, which is being developed by Aurora Labs. The platform provides developers with a ready-made solution for running their applications on an Ethereum-compatible, high-performance, scalable and secure platform.
Earlier, white hackers returned about $9 million in cryptocurrency to a blockchain address belonging to Nomad’s cross-chain protocol. On August 2, Nomad underwent an exploit, during which white hackers withdrew part of the funds in order to protect them from theft.
Useful material?
Market
Analysts at JPMorgan Bank believe the asset will continue to face pressure amid growing competition
Feb 6, 2025
Market
The hacker used the account to promote MEOW and DCOIN scam tokens
Feb 6, 2025
Market
The company’s operating expenses rose 693% year-over-year to $1,103 billion
Feb 6, 2025
Crypto regulations
Group head Hester Peirce criticized the regulatory approach formed by former chairman Gary Gensler
Feb 5, 2025
Incidents
This status has been maintained for the first cryptocurrency since September 2021 but was canceled due to pressure from the IMF
Feb 3, 2025
Market
The Taproot Assets network will be used for the integration
Jan 31, 2025