Taiko Bridge Exploited for Up to $1.7M in DeFi Hack
BlockSec said an exposed Raiko signing key on GitHub let the attacker forge withdrawal proofs and drain about $1.7 million.
- On Monday, Ethereum Layer-2 network Taiko halted block production and urged users to withdraw assets after an attacker exploited its bridge, causing losses estimated at about $1.7 million.
- Security firm BlockSec identified the root cause as an exposed Raiko SGX enclave signing key left publicly accessible on GitHub, allowing the attacker to sign fraudulent proofs that Ethereum accepted as genuine.
- The attacker used forged proofs to register fraudulent withdrawals from the bridge and ERC20 vault, with PeckShield noting about 1.99 million TAIKO tokens worth around $189,000 moved to MEXC.
- According to DeFiLlama, this exploit is the latest in at least 23 crypto protocol exploits this month, contributing to a year where bridge attacks have produced more than $340 million in total losses.
- Recent exploits include a $4.67 million theft from the Secret Network on Friday and a $1.1 million drain from a PancakeSwap liquidity pool on Saturday, revealing persistent vulnerabilities in DeFi mechanisms.
24 Articles
24 Articles
Taiko Urges Users to Move Funds Following $1.7 Million Bridge Exploit
Ethereum layer-2 network Taiko has advised users to withdraw funds from all bridges deployed on its ecosystem after a bridge exploit resulted in losses of up to $1.7 million. The incident, linked to a flaw in the chain state verification mechanism, prompted the protocol to suspend affected systems and work with partners to contain the breach. Security researchers say the exploit exploited weaknesses in the bridge’s signal validation process.
Taiko Identifies Cause of Theft Incident, Works to Recover Stolen Funds
Taiko, the Ethereum-based rollup protocol, announced that it has identified the cause of a recent theft incident and is now coordinating with exchanges and security firms to trace and recover the stolen funds.Read more...
Taiko urged users to withdraw all assets after $1.7 million
🚨 Taiko called for users to pull their assets after a $1.7 million breach hit the network's bridges. 💥 The exploit was linked to a publicly accessible SGX enclave key, letting attackers bypass verification. 🧐 Security gaps in bridge protocols highlight growing risks for funds...
Coverage Details
Bias Distribution
- 100% of the sources are Center
Factuality
To view factuality data please Upgrade to Premium






