Aurora pays $6M bug bounty to ethical security hacker through Immunefi

189
SHARES
1.5k
VIEWS

Related articles



On Tuesday, Ethereum (ETH) bridging and scaling answer Aurora introduced it had paid out a $6 million bounty to moral safety hacker pwning.eth, who found a crucial vulnerability within the Aurora Engine. The exploit allegedly positioned over $200 million price of capital in danger. The sum was paid in collaboration with Immunefi, a number one platform for Net 3.0 bug bounties, with greater than $145 million bounties accessible and over $45 million bounties paid out.

On April 26, Immunefi acquired a report from pwning.eth a couple of crucial flaw within the Aurora Engine that will have enabled the infinite minting of ETH within the Aurora Ethereum Digital Machine to empty and siphon the corresponding nested ETH (nETH) pool on NEAR. On the time of discovery, the pool contained greater than 70,000 ETH, price a minimum of $200 million.

Mitchell Amador, founder and CEO at Immunefi, stated: “Hats off to Aurora and pwning.eth for the flawless general processing of the report. The bug was shortly patched, with no person funds misplaced.” Aurora had launched a bug bounty program with Immunefi only one week earlier than discovering the safety vulnerability. In the meantime, Frank Braun, head of safety at Aurora Labs, commented: “We take a look at the bug bounty program because the final step in a layered protection strategy and can use this bug as a studying alternative to enhance earlier steps, like inner evaluations and exterior audits.

Although arguably revolutionary, cross-chain communication protocols have been a major goal of hackers as of late. In February, one of many largest decentralized finance hacks occurred when the Wormhole token bridge was drained of over $321 million in digital belongings after hackers exploited an infinite minting glitch between its wrapped ETH and ETH pool.