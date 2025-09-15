Shibarium bridge exploited, $2.4m lost in complex flash loan attack

By: Crypto.news
2025/09/15 03:00
Hyperbridge
BRIDGE$----%
BitShiba
SHIBA$0.0000000006-4.30%

Shiba Inu’s Shibarium bridge suffered a $2.4 million flash loan attack on Friday, giving the exploiter control of 10 of 12 validator keys and allowing them to drain ETH and SHIB tokens from the network.

Developers quickly paused certain functions, secured remaining funds in a multisig hardware wallet, and are working with security firms to investigate the breach, which underscores the growing risk facing cross-chain bridges in DeFi.

Summary
  • Shibarium bridge hacked, $2.4m in ETH and SHIB drained via flash loan exploit
  • Hacker used 4.6m BONE loan, gained validator control, drained bridge contract
  • Devs paused network, secured funds in multisig, and work with security firms

The exploit forced Shiba Inu (SHIB) developers to halt certain network activities while they assessed the damage.

The attacker borrowed 4.6 million BONE (BONE) tokens through a flash loan and gained access to 10 of 12 validator signing keys securing the network.

This gave the exploiter a two-thirds majority stake and allowed them to drain approximately 224.57 ETH (ETH) and 92.6 billion SHIB from the bridge contract before transferring the funds to their own address.

Shiba Inu dev: Attack was planned for months

Shiba Inu developer Kaal Dhairya described the incident as a “sophisticated” attack that was “probably planned for months.”

The attacker used their privileged position to sign malicious state changes and extract assets from the bridge infrastructure.

The Shibarium team moved quickly to contain the breach, pausing stake and unstake functionality as a precautionary measure.

They transferred stake manager funds from the proxy contract into a hardware wallet controlled by a trusted 6-of-9 multisig setup.

The borrowed BONE tokens used in the attack remain locked in Validator 1 due to unstaking delays. This allows developers to freeze those funds. This delay mechanism may prevent the attacker from fully profiting from their exploit.

Shibarium is under damage control mode

Developer Dhairya noted they are currently in “damage control mode” and haven’t decided whether the breach originated from a compromised server or developer machine. The team is working with security firms Hexens, Seal 911, and PeckShield to investigate the incident.

Authorities have been contacted about the attack, but the team remains open to negotiations. They offered not to press charges if the funds are returned and indicated willingness to pay a small bounty for the assets’ recovery.

Cross-chain bridges have become prime targets for hackers due to their complex security models and large fund pools. The Shibarium incident joins a growing list of bridge exploits that have cost the DeFi ecosystem billions in losses.

The team plans to restore stake manager funds once secure key transfers are completed and validator control integrity is verified.

Full network functionality will resume only after confirming the extent of any validator key compromise and implementing additional security measures.

Disclaimer: The articles reposted on this site are sourced from public platforms and are provided for informational purposes only. They do not necessarily reflect the views of MEXC. All rights remain with the original authors. If you believe any content infringes on third-party rights, please contact [email protected] for removal. MEXC makes no guarantees regarding the accuracy, completeness, or timeliness of the content and is not responsible for any actions taken based on the information provided. The content does not constitute financial, legal, or other professional advice, nor should it be considered a recommendation or endorsement by MEXC.
Share Insights

You May Also Like

CryptoAppsy Redefines Digital Coin Insights

CryptoAppsy Redefines Digital Coin Insights

The digital currency marketplace constantly evolves, demanding consistent vigilance from participants. To thrive, one requires tools that provide accurate and timely information.Continue Reading:CryptoAppsy Redefines Digital Coin Insights
Share
Coinstats2025/09/15 02:08
Share
BlockchainFX Headlines With Passive Income Rewards While BlockDAG and MAGACOIN Fuel 2025 Market Buzz

BlockchainFX Headlines With Passive Income Rewards While BlockDAG and MAGACOIN Fuel 2025 Market Buzz

Crypto presales in 2025 are heating up, with projects like BlockchainFX, BlockDAG, and MAGACOIN Finance attracting massive inflows. But one question dominates the minds of early buyers: which project has the 1000x potential to create the next wave of crypto millionaires? Among the many presale crypto 2025 opportunities, BlockchainFX ($BFX) stands out with its explosive
Wink
LIKE$0.010517-2.89%
Fuel
FUEL$0.00661+3.12%
Hive AI
BUZZ$0.028228+10.21%
Share
Coinstats2025/09/15 02:00
Share
A whale bought 1501 ETH at an average price of $2530 5 hours ago

A whale bought 1501 ETH at an average price of $2530 5 hours ago

PANews reported on June 19 that according to Aunt Ai, the wallet address 0xF89…8AEfe created in 2018 bought 1,501 ETH at an average price of $2,530 five hours ago, with
Sleepless AI
AI$0.1443-2.23%
Juneo Supernet
JUNE$0.0838-4.98%
Ethereum
ETH$4,616.46-0.83%
Share
PANews2025/06/19 10:39
Share

Trending News

More

CryptoAppsy Redefines Digital Coin Insights

BlockchainFX Headlines With Passive Income Rewards While BlockDAG and MAGACOIN Fuel 2025 Market Buzz

A whale bought 1501 ETH at an average price of $2530 5 hours ago

Financing Weekly Report | 17 public financing events; Crypto catering app Blackbird Labs completes $50 million Series B financing, with Coinbase and others participating

The public game chain Ronin and the ecological game ROMW are caught in a Rashomon of mutual tearing, and users "pay the bill" for the breakup