White hat finds huge vulnerability in ETH to Arbitrum bridge: Wen max bounty?

The ethical exploiter thanked Arbitrum for the 400 ETH payday, but said such a find should be eligible for the max bounty of nearly 1,500 ETH, or $2 million. A self-described white hat hacker has uncovered a “multi-million dollar vulnerability” in the bridge linking Ethereum and Arbitrum Nitro and received a 400 Ether (ETH) bounty for their find. Known as riptide on Twitter, the hacker described the exploit as the use of an initializing function to set their own bridge address, which would hijack all incoming ETH deposits from those trying to bridge funds from Ethereum to Arbitrum....


Related News

Arbitrum Pays Hacker A Hefty Reward For Identifying A Bug

Arbitrum, a popular Layer 2 solution for Ethereum, got involved with a white hat hacker on September 19. According to a source, the hacker discovered a potential vulnerability in Arbitrum’s code. As a result, the network paid 400 ETH, worth about $560,000, as a payoff. Over the years, many hacks and exploits have hit the […]

Main hacker in Transit Swap exploit agrees to return remaining funds

Under the agreement, more than $2 million would be returned to Transit Swap users. On Oct. 10, decentralized finance (DeFi) protocol Transit Swap announced that it had reached an agreement with its biggest hacker for the return of funds. Approximately one week prior, a hacker exploited an internal bug on a swap contract within the protocol and caused other individuals to imitate the security breach, leading to a loss of over $23 million in user funds. However, the main hacker has since returned approximately 70% of exploited funds thanks to the help of security companies such as....

Nomad announces $190 million bounty for lost funds from recent hack

Nomad announced that it’s offering up to a 10% bounty to return funds stolen from the recent hack on the Nomad bridge on Aug. 2. Nomad announced a bounty of up to 10% for the return of the stolen funds from the Nomad bridge. In a website announcement and tweet, the company publicly provided a wallet address for sending the funds. The bounty is applicable to anyone who comes forward from now on or already returned funds. At the time of writing, Nomad recovered more than $20 million. The Nomad token bridge suffered a massive hack on Aug. 2. This incident was among the largest in the history....

Polygon pays $2M bounty on bug which could have compromised $850M in user funds

The white hat hacker speculated that the bug might have been created from "using someone else’s code and not having a 100% understanding of what it does." White hat hacker Gerhard Wagner has earned $2 million after reporting a solution to a potentially costly “double-spend” bug on the Polygon network. In an Oct. 21 blog post from Immunefi, a security service that helps facilitate bug reports in decentralized finance projects, Polygon network’s Plasma Bridge was at risk of having $850 million removed by a knowledgeable hacker. According to the project, the vulnerability would have allowed....

HackerOne Now Offering Bitcoin Payouts For Bug Bounty Programs

Heard of HackerOne? If you haven't, the service lets companies (like Yahoo and Twitter) invite white hat hackers around the world to dive deep into the code of a particular service; if they encounter bugs and vulnerabilities, they are eligible to receive a payment for their hard work. For example, if a hacker finds a serious bug or vulnerability in OpenSSL, they offer a minimum bounty of $2,500. HackerOne has partnered up with San Francisco-based Coinbase to offer payouts denominated in bitcoin. Right now, payout methods include wire transfers and PayPal. But with bitcoin, users will....