Taiko Bridge Attack Could Have Led to Losses Up to $1.7 Million

Odaily, Ethereum Layer 2 blockchain Taiko stated that its chain state verification mechanism has been compromised, rendering the security assumptions of all bridges deployed on Taiko unreliable, and urged users to immediately withdraw funds from the relevant bridges. Taiko said it is coordinating with partners to contain the incident and has suspended the affected systems.

Cryptocurrency security firm Blockaid stated that the root cause appears to be a flaw in the way the Taiko bridge verifies source signals. Attackers could submit message proofs on Ethereum that lack legitimate proofs from the Taiko chain, thereby registering and extracting fraudulent bridge messages, leading to the unauthorized release of assets from the ERC20 treasury. Blockaid estimates at least $1 million was stolen, while Lookonchain and PeckShield believe the value of the stolen assets could be as high as $1.7 million.

PeckShield stated that the attacker has transferred approximately 1.99 million TAIKO tokens to MEXC, worth about $189,000. Data from blockchain intelligence firm Arkham shows that the Taiko attacker's wallet holds approximately $1.5 million in assets, mainly in Ether. (Cointelegraph)