Bitcoin blockchain bridge XLink is preparing for a comeback after a $10 million hack attack that led to its closure on May 15. XLink fell victim to a security breach involving Ethereum and BNB Smart Chain networks. The XLink team first announced the breach early on May 15 and stated that normal operations would resume by May 17.
What is Happening at XLink?
The attacker exploited private keys obtained through a phishing scheme, allowing them to control BSC and Ethereum endpoints and withdraw approximately $4.3 million unauthorizedly. However, according to XLink, the stolen assets were soon seized by a white-hat hacker. The company’s official statement noted that no endpoints other than BSC and Ethereum were affected by this attack.
Despite the recovery on BSC, around $5 million, mostly in LunarCrush tokens, remains locked on the Ethereum blockchain. However, the LunarCrush team is working closely with XLink to secure these funds; the majority of the $5 million has been recovered or secured.
Another fund worth $5 million, primarily LunarCrush assets, is locked on Ethereum. The LunarCrush team has implemented measures in close coordination with the XLink team to secure these assets. According to XLink, approximately $500,000 worth of remaining crypto funds are still locked on Ethereum, but the majority of the funds have been recovered or secured.
Details of the Process Emerged
In response to the initial incident, the XLink team quickly reacted and temporarily suspended all operations on the bridge to conduct a thorough investigation. The investigation was carried out in collaboration with the team’s security partners, including Ancilia Inc., and members of the Binance team.
XLink insisted that all users interacting with the compromised contracts cancel their approved spending limits. The team published detailed instructions and provided links for Ethereum and BSC users to reduce further risks to the funds.
As XLink prepares to reopen, Ethereum and BSC users urgently need to verify that they have revoked access to the compromised endpoint contracts. This step will help sever all connections with the compromised contract and mitigate related risks. Users who fail to do so may risk losing their funds to the attacker.
