CrossCurve, a cross-chain bridge formerly known as EYWA, has suffered a major cyberattack after hackers exploited a vulnerability in its smart contract infrastructure, draining about $3 million across multiple blockchain networks.
The CrossCurve team confirmed the incident on Sunday, saying its bridge infrastructure was under active attack and urging users to immediately stop interacting with the protocol.
“Our bridge is currently under attack, involving the exploitation of a vulnerability in one of the smart contracts used,” CrossCurve said in a post on X.
“Please pause all interactions with CrossCurve while the investigation is ongoing.”
Blockchain security account Defimon Alerts said the exploit stemmed from a gateway validation bypass in CrossCurve’s ReceiverAxelar contract. According to the analysis, the contract was missing a critical validation check, allowing attackers to call the expressExecute function using spoofed cross-chain messages.
By abusing this flaw, the attackers were able to bypass the intended gateway validation logic and trigger unauthorized token unlocks on the PortalV2 contract, resulting in the loss of funds. The exploit affected CrossCurve deployments across several blockchain networks.
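A simplified Python model of the missing check described above, added here as an illustration; it is not CrossCurve's or Axelar's contract code. The Gateway, Portal and Receiver classes, their methods and the message fields are assumptions made for the example, which contrasts a receiver that unlocks funds on any message with one that first requires a gateway approval.

```python
import hashlib

class Gateway:
    """Constructed stand-in for the gateway that records approved messages."""
    def __init__(self):
        self._approved = set()

    @staticmethod
    def _key(command_id, chain, sender, payload):
        return (command_id, chain, sender, hashlib.sha256(payload).hexdigest())

    def approve(self, command_id, chain, sender, payload):
        self._approved.add(self._key(command_id, chain, sender, payload))

    def validate_call(self, command_id, chain, sender, payload):
        # An approval is consumed on first use, so a replayed message fails too.
        key = self._key(command_id, chain, sender, payload)
        if key not in self._approved:
            return False
        self._approved.remove(key)
        return True

class Portal:
    """Constructed stand-in for the contract that holds locked tokens."""
    def __init__(self, balance):
        self.balance = balance

    def unlock(self, amount):
        if amount > self.balance:
            raise ValueError("insufficient locked balance")
        self.balance -= amount

class Receiver:
    """Receiver whose express_execute optionally enforces the gateway check."""
    def __init__(self, gateway, portal, enforce_gateway_check):
        self.gateway, self.portal = gateway, portal
        self.enforce = enforce_gateway_check

    def express_execute(self, command_id, chain, sender, payload):
        # The hardened path refuses any message the gateway never approved.
        if self.enforce and not self.gateway.validate_call(command_id, chain, sender, payload):
            raise PermissionError("message was not approved by the gateway")
        self.portal.unlock(int.from_bytes(payload, "big"))

def try_message(receiver, msg):
    """Return True if the receiver executed msg, False if it was rejected."""
    try:
        receiver.express_execute(*msg)
        return True
    except PermissionError:
        return False
```

With `enforce_gateway_check=False` the portal balance drops for a message the gateway never saw; with it enabled, the same message is rejected until the gateway approves it, and a second delivery of the approved message is rejected as well.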
Data from Arkham Intelligence, shared by Defimon Alerts, shows that the PortalV2 contract balance fell from roughly $3 million to nearly zero around Jan. 31. Transaction records indicate the attack unfolded across multiple chains rather than a single network.
CrossCurve operates a cross-chain decentralized exchange and liquidity protocol built in partnership with Curve Finance. The system relies on what it describes as a Consensus Bridge, which routes transactions through multiple validation layers, including Axelar, LayerZero, and the EYWA Oracle Network.
In its documentation, CrossCurve had described this architecture as a security advantage, stating that “the probability of several crosschain protocols getting hacked at the same time is near zero.”
The incident, however, showed that a single smart contract flaw can still compromise a broader system.
The project has backing from prominent figures in decentralized finance. Michael Egorov invested in the protocol in September 2023, and CrossCurve later said it had raised $7 million from venture capital firms.
Following the exploit, Curve Finance warned users with exposure to EYWA-related pools to reassess their positions.
“Users who have allocated votes to Eywa-related pools may wish to review their positions and consider removing those votes,” Curve Finance said on X.
Security researchers said the attack echoes earlier bridge exploits, drawing comparisons to the 2022 Nomad bridge hack, in which about $190 million was drained after attackers discovered a faulty validation mechanism.