Cross-chain Bridge Hack of Meter Sees $4.4M Stolen

Meter, an infrastructure provider for DeFi, is urging a hacker who exploited a deposit mechanism to return the $4.4M of stolen funds.

A blockchain infrastructure company that operates in the Decentralized Finance space, Meter, was hacked on Feb. 5, 2022. The hack occurred on a bridge and saw $4.4M stolen. The funds stolen comprised of 1,391 ETH and 2.74 BTC, according to blockchain security firm Peckshield.

The hack took place at 6 am PST. The hacker exploited a vulnerability of the bridge to mint a large amount of BNB and WETH tokens, which depleted reserves of these on the bridge, Meter Passport. Meter became aware of the depletion and halted all bridge transactions. They then proceeded to investigate further. The hacker exploited a bug introduced onto the bridge by the Meter team. The team created a new bug when they added the ability to wrap and unwrap BNB and ETH automatically. The code assumed trust incorrectly, which permitted the hacker to call the ERC20 deposit function to mimic transfers of BNB and ETH. The Meter and Moonriver networks were affected.

Meter working on a reimbursement plan

Meter has discovered bits of the hacker’s digital breadcrumbs and cooperates with law enforcement to identify the hacker. Meter is busy with a remuneration plan for WETH and BNB. They have urged all WETH and BNB liquidity providers to remove their liquidity from pools until further updates are given. Meter is working on taking a snapshot of the prices of WETH and BNB before the hack. They will convert the tokens’ values to their (Meter’s) native token MTRG. The remainder of the inflated BNB and WETH prices are based on the value stolen from liquidity pools. They’ve earmarked $4.4M worth of MTRG based on its price on Feb. 6, 2022.  

This is the second bridge exploit that has occurred in less than a week. On Feb. 3, 2022, the Wormhole network was affected, where 120,000 WETH was drained from the bridge. The Wormhole team offered the hacker a whitehat agreement. They would award the hacker $10M for the hack’s details and the return of the drained WETH.

Meter specializes in cross-chain functionality

Meter provides a high-performance Ethereum Virtual Machine-compatible sidechain for public blockchains, including Ethereum. The sidechain is compatible with Ethereum dApps. Each public chain that Meter connects to via a bridge has a native consensus mechanism, scaling, and incentives. Meter addresses proper monetary policy, communication between chains, and value settlement.

What do you think about this subject? Write to us and tell us!

Disclaimer

All the information contained on our website is published in good faith and for general information purposes only. Any action the reader takes upon the information found on our website is strictly at their own risk.