Ethereum PoW loses 200 WETH to Omni bridge vulnerability exploit

by Jeremy

A replay assault in opposition to  Omni bridge resulted in a hacker exploiting 200 WETH from the Ethereum PoW chain.

On Sept. 18, safety agency BlockSec recognized a replay assault launched in opposition to the Ethereum PoW chain.

The attacker transferred 200 WETH from the Ethereum PoS chain by way of the Omni bridge. The transaction was reportedly replicated on the Ethereum PoW chain.

Omni bridge did not validate the precise chainID earlier than approving the transaction. In consequence, the PoW chain was drained of 200 WETH.

In keeping with safety agency Certik, the attacker has transferred the funds by way of Mexc World for doable money out.

EthereumPoW is Safu

From the TX hash of the exploit, the ETHPoS and ETHPoW had completely different transaction information.

ETHW Core builders clarified that the replay assault was unattainable in opposition to EthereumPoW because it enforced EIP-155.

By design, EIP-155 contains the chainID of a transaction to keep away from replays of the transaction on completely different chains.

ETHW Core added that the assault exploited a contract vulnerability of the Omni bridge. The bridge has been knowledgeable to handle the difficulty.

Gradual adoption for ETHW

Since launching on Sept. 15. Ethereum PoW has not gathered a lot adoption from the crypto neighborhood.

Main exchanges like FTX, OKX, and Bybit rallied round to see that spot buying and selling opened for the ETHW token on Sept. 16. In consequence, ETHW value reached an all-time excessive of $60.68.

Nonetheless, with the overall market decline and low pleasure post-merge, ETHW has fallen beneath $5, shedding off over 90% of its all-time excessive achieve as press time.

Grayscale funding hinted at plans to dump its 3.1 million ETHPoW airdrop tokens. The agency stated it should promote the tokens and redistribute the proceeds to shareholders.



Supply hyperlink

Related Posts

You have not selected any currency to display