Shibarium Bridge Hit By $2.4 Million Flash Loan Attack

robot
Abstract generation in progress

The attacker gained two-thirds validator control by borrowing 4.6M BONE, draining $2.4M in ETH and SHIB.

KNINE tokens worth $700K were seized but blacklisted by K9 Finance DAO, blocking liquidation.

Developers paused staking, secured validator keys, and enlisted Hexens, Seal 911, and PeckShield for investigation.

The Shibarium bridge, which links the Layer 2 network to Ethereum, was breached on Friday in a flash loan attack that drained $2.4 million in assets. Developers for the Shiba Inu ecosystem said the incident forced them to halt staking, unstaking, and related functions while validator keys were secured.

According to project engineers, the attacker borrowed 4.6 million BONE tokens through a flash loan and temporarily gained control over validator access. By controlling ten of the twelve validator signing keys, the attacker secured a two-thirds majority and redirected funds from the bridge contract. Records show that 224.57 ETH and 92.6 billion SHIB were removed, valued at approximately $2.4 million.

Impact on Tokens and Validator Operations

Developers confirmed that the borrowed BONE tokens were immediately locked due to staking delays, preventing the attacker from maintaining influence. BONE’s price initially jumped as trading activity surged but quickly declined as news of the exploit spread.

The incident also involved K9 Finance’s governance token, KNINE. The attacker acquired around $700,000 worth of KNINE but was blocked from liquidating the holdings. The K9 Finance DAO blacklisted the wallet, making those tokens unsellable on the open market.

Emergency Measures and Investigation

Following the breach, Shiba Inu developers engaged external security firms including Hexens, Seal 911, and PeckShield to analyze the exploit. Investigators are reviewing how validator access was manipulated and how protections failed to prevent unauthorized withdrawals.

Kaal Dhairya, a senior developer in the system, said the flash loan operation was seen highly structured and may have been prepared months in advance. He confirmed that law enforcement agencies were informed of the incident. Developers also indicated a willingness to negotiate with the attacker if the funds are returned, including the possibility of a bounty.

The incident underscores the ongoing risks facing cross-chain bridges and validator-based governance structures. In this case, control of validator keys allowed rapid execution of withdrawals that overwhelmed defenses. While immediate actions limited further losses, the breach demonstrates vulnerabilities that attackers continue to exploit across decentralized systems. Developers stated that additional measures are being put in place to safeguard validator access and prevent similar attacks in the future. Investigations are continuing as the community monitors whether stolen funds move through other networks.

BONE-5.72%
ETH1.67%
SHIB0.47%
KNINE3.68%
This page may contain third-party content, which is provided for information purposes only (not representations/warranties) and should not be considered as an endorsement of its views by Gate, nor as financial or professional advice. See Disclaimer for details.
  • Reward
  • Comment
  • Repost
  • Share
Comment
0/400
No comments
Trade Crypto Anywhere Anytime
qrCode
Scan to download Gate App
Community
English
  • 简体中文
  • English
  • Tiếng Việt
  • 繁體中文
  • Español
  • Русский
  • Français (Afrique)
  • Português (Portugal)
  • Bahasa Indonesia
  • 日本語
  • بالعربية
  • Українська
  • Português (Brasil)