An attacker tried to pull off what could have been a ~$12&nbsp;million heist from ALEX Lab's XLink bridge after a <button class="define-target" id="private-key">private key</button> was compromised. However, the sloppy work by the attacker enabled an apparent <button class="define-target" id="whitehat">whitehat</button> hacker to step in.<p>The attacker was successfully able to transfer around 13.8&nbsp;million STX (~$2 million) on the Stack BTC <button class="define-target" id="layer-2">layer-2</button> chain. However, their attempts to steal assets notionally worth around $4.3&nbsp;million from the project's BNB Chain implementation failed when they upgraded the project <button class="define-target" id="smart-contract">contract</button> to a malicious version, but failed to prevent <i>other</i> people from calling the withdraw function. The attacker's first transactions to withdraw the funds themself failed, and an apparent whitehat hacker was able to step in and complete the withdrawal ahead of the exploiter. They later negotiated a deal for the funds' return, after offering a 10% "<button class="define-target" id="bug-bounty">bounty</button>".</p><p>The exploiter had also tried, and failed, to steal assets notionally worth around $5&nbsp;million on the Ethereum blockchain, but failed to do so. ALEX Lab later announced they were able to recover or secure around $4.5&nbsp;million of those assets. ALEX also later announced that they believed the attackers were part of the North Korean Lazarus Group.</p>

Archived tweet

Tweet by Alex Lab: