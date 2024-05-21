Countries
XLink Prepares for A Comeback Following $10M Hack

Rida Fatima
Updated:
A Bitcoin blockchain bridge, XLink, is staging its comeback after a brief shutdown on May 15 due to an exploit. The platform witnessed a security breach that led to the drain of $10 million worth of assets.

Though it halted operations on May 15 following the hack and now plans to restart after recovering  $4.3 million of the stolen funds.

The Bitcoin bridge protocol XLink was affected by a vulnerability exploit that impacted its endpoints on Ethereum and BSC. In the early hours of May 15, the protocol team took to X to disclose the incident.

XLink noted that the breach didn’t affect other endpoints except those of Ethereum and BSC. According to XLink, the hacker used a phishing scheme to breach the protocol’s security and access its private keys.

Further, by controlling the BSC and Ethereum endpoints, the exploiter drained $4.3 million in digital assets without authorization.

Following the attack, XLink temporarily halted all operations on the bridge for a detailed investigation. The team reported that it had involved other security professionals, like Ancilia Inc., in the investigation. It also called in the Binance security team for assistance regarding the impact on BSC. 

Following the attack on the Bitcoin bridge platform XLink, the firm has initiated plans to restart operations. Also, XLink announced the recovery of $4.3 million through the help of a whitehat hacker. Notably, this facilitated the firm’s return after the brief halt.

However, the recovered funds are only those from XLink’s smart contract on BSC. 

The bridge protocol posted:

Following our announcement of the security incident at XLink, with the support of a Whitehat, all the assets of the XLink users that were taken by the XLink exploiter from the impacted smart contract on BSC have been recovered. We thank the Whitehat for the support.

Meanwhile, XLink has yet to recover almost $5 million in mainly LunarCrush tokens. The funds are still locked on the Ethereum network following the attack on XLink. However, XLink is working with the LunarCrush team to secure the assets.

The protocol disclosed that most of the tokens have already been secured or recovered. However, some residual crypto coins worth about $500,000 are still locked on Ethereum.

With plans to reopen, the Bitcoin bridge has laid out certain measures to ensure smooth operations. XLink mandated that all customers who interacted with the compromised contracts revoke their approved spending limits. 

In addition, the team released some instructions and links to guide ETH and BSC users and mitigate further risks.

The protocol stated:

As we prepare to reopen XLink, it is urgent that Ethereum and BSC users check that their wallets have revoked access to the old compromised endpoints contracts. This step will assist in completely severing any connections with the compromised contract and mitigating any associated risks.

