Fake Bridge Messages Let Hacker Drain $815K From Alephium

Source: BeInCrypto

Alephium's (ALPH) TokenBridge was drained of approximately $815,000 after an attacker exploited a flaw that allowed forged messages to pass through the protocol's guardian network and authorize fraudulent token transfers. The attacker moved funds from the Alephium TokenBridge on both Ethereum and BNB Chain in roughly seven minutes. Alephium shut down the bridge and stated that it is exploring all options to make affected users whole. The Alephium team confirmed that blockchain security firm Blockaid was the first to detect the exploit. The Security Alliance's SEAL_911 emergency response unit also provided assistance and responsiveness throughout the subsequent investigation. Full Story