Shiba Inu’s layer-2 network, Shibarium, was hit by a coordinated exploit that saw an attacker use a flash loan to gain control over a validator, drain assets from its bridge and trigger a temporary shutdown of staking operations.

The attacker, according to Shibarium developer Kaal Dhariya, bought 4.6 million BONE, the governance token of Shiba Inu’s layer-2 network, using a flash loan. The attacker then gained access to validator signing keys to achieve the majority validator power.

With that power, the attacker signed a fraudulent network state and siphoned assets from the Shibarium bridge, which connects it to the Ethereum network.

Since the BONE is still staked and subject to an unstaking delay, the funds remain locked, giving developers a narrow window to respond and freeze the funds, Dhariya said.

The Shibarium team has now paused all stake and unstake functionality, moved remaining funds into a hardware wallet protected by a 6-of-9 multisig setup and launched an internal investigation.

It’s still unclear whether the breach stemmed from a compromised server or a developer machine. While total losses haven’t been advanced, transaction data suggests they’re near $3 million.

The team is working with security firms Hexens, Seal 911 and PeckShield, and has alerted law enforcement. But developers also extended a peace offering to the attacker.

“Authorities have been contacted. However, we are open to negotiating in good faith with the attacker: if the funds are returned, we will not press any charges and are willing to consider a small bounty,” Dhariya wrote on X.

The price of BONE jumped immediately after the attack and at one point saw its value more than double, before a correction saw it move to a gain of around 40% since the exploit. SHIB is up more than 8%.

免责声明：本文章仅代表作者个人观点，不代表本平台的立场和观点。本文章仅供信息分享，不构成对任何人的任何投资建议。用户与作者之间的任何争议，与本平台无关。如网页中刊载的文章或图片涉及侵权，请提供相关的权利证明和身份证明发送邮件到support@aicoin.com，本平台相关工作人员将会进行核查。