Bitcoin Bridge XLink Revival After $10M Hack

XLink, a prominent bridge in the Bitcoin blockchain ecosystem, is gearing up for its return after it was forced to shut down due to a significant security breach on May 15. The breach resulted in a $10 million loss and involved the Ethereum and BNB Smart Chain (BSC) endpoints. The XLink team first reported the security compromise on May 15 in the early morning hours, setting in motion a series of actions that now allow the company to reinitiate normal operations by May 17.

The security incident occurred when an attacker used a phishing scheme to gain access to private keys, subsequently controlling the BSC and Ethereum endpoints. This unauthorized control enabled the attacker to siphon off approximately $4.3 million. Fortunately, a white hat hacker intervened and successfully recovered the stolen assets shortly after the breach. Despite these efforts, when contacted for comments by , XLink did not provide an immediate response.

In an official statement, XLink clarified that only the BSC and Ethereum endpoints were affected by the exploit. The team has managed to recover most of the stolen funds on the BSC; Around $5 million, largely in LunarCrush tokens, remain locked on the Ethereum blockchain. The LunarCrush team is actively collaborating with XLink to secure these assets, confirming that the majority of this amount has been either “recovered or secured.”

The cooperation between LunarCrush and XLink has been pivotal in ensuring the safeguarding of the locked $5 million worth of LunarCrush tokens on Ethereum. Measures have been put in place to secure these tokens, although residual crypto funds amounting to approximately $500,000 are still locked. The majority of the funds are, fortunately, accounted for and secure.

In the wake of the hack, XLink took immediate action by suspending all bridge operations. This allowed the team to conduct a thorough investigation, working closely with security partners, including Ancilia, and liaising with their Binance counterparts. Through this collaborative effort, they scrutinized the breach’s scope and impact, making plans to bolster their security framework.

Focused on mitigating risks for their users, XLink advised everyone who had interacted with the compromised contracts to revoke any approved spending limits. The team provided detailed instructions to help ETH and BSC users secure their funds. As the team prepares to reopen the XLink bridge, they emphasized the importance of ensuring that wallets no longer have access to the compromised contracts. This precaution is crucial to sever any lingering vulnerabilities and protect users from potential future attacks.

Failure to revoke access from compromised contracts leaves users at risk of losing their funds to the attackers. The urgency of these preventative actions cannot be overstated, as the reopening of the XLink bridge hinges on the assurance that the security breach risks have been entirely mitigated.

Interestingly, the XLink incident follows closely on the heels of another exploit involving pump.fun, a Solana-based memecoin creation tool. Pump.fun reported that a former employee compromised their internal systems on May 16, executing a “bonding curve” attack and making off with nearly $2 million. Pump.fun has since declared their smart contracts safe and assured users that they will restore 100% of the affected liquidity. These incidents underscore the ongoing vulnerabilities within the blockchain ecosystem and the continuous need for vigilant security practices.