Saturday, March 25, 2023
  • Login
EthozEdge
No Result
View All Result
  • Home
  • ETHO News
  • EVM News
    • Avalanche Network
    • Ethereum
    • Fantom Opera Chain
    • Harmony Chain
    • Huobi Eco Chain
    • Polygon Chain
  • Crypto News
    • Altcoin News
    • Bitcoin
    • Blockchain
    • Crypto Exchanges
    • Crypto Mining
    • Crypto Regulation News
    • DeFi
    • NFT
    • Metaverse
    • Scam News
    • Web 3.0
Cryptocurrency Marketcap
  • Home
  • ETHO News
  • EVM News
    • Avalanche Network
    • Ethereum
    • Fantom Opera Chain
    • Harmony Chain
    • Huobi Eco Chain
    • Polygon Chain
  • Crypto News
    • Altcoin News
    • Bitcoin
    • Blockchain
    • Crypto Exchanges
    • Crypto Mining
    • Crypto Regulation News
    • DeFi
    • NFT
    • Metaverse
    • Scam News
    • Web 3.0
No Result
View All Result
EthozEdge
No Result
View All Result
Home Crypto News XDai Chain

What are Bridges? Illicit use of bridges | by Coinbase | Apr, 2022

by ethozedge
April 21, 2022
in XDai Chain
Reading Time: 11 mins read
A A
0
Share on FacebookShare on Twitter


By Heidi Wilder, Special Investigations Manager & Tammy Yang, Blockchain Researcher

Part 1: What are Bridges? Bridge Basics, Facts, and Stats

Illicit actors are often attracted to the newest forms of technology, and bridges are unfortunately no exception to that rule. Illicit actors are defined as individuals or groups conducting illicit activity, such as scams, thefts, or other illegal activity, on the blockchain. In the previous section of this blogpost, we covered the Wormhole and Ronin bridge exploits.

Analyzing the use of Ethereum bridges by illicit actors in January 2021 through April 2022, we find that Ronin, Wormhole, followed by Polygon and Anyswap have the most volume flowing through them.

To date, Ronin bridge’s exploit that took place in late March is the largest hack in the DeFi space, totalling more than $540 million in funds stolen (as of the day of the bridging of funds). We discussed this exploit in more detail in our previous blockpost. Unsurprisingly, this hack makes up the largest illicit volume with the Ronin bridge.

Wormhole’s Ethereum-Solana bridge was attacked in February 2022, leading to a loss of over $250m.

Polygon’s bridge was primarily abused by Polynetwork’s exploiter (although funds were returned), the bZx hackers, and the AFK System rug pull. The bZx hackers appear to have literally gone back and forth between chains to decide which ones were best to consolidate funds. Ethereum won in the end.

Anyswap BSC bridge was primarily used as a bridge by the Bunny Finance flash loan attackers, Squid Game rug pull and Vee Finance hackers.

Why would illicit actors want to bother bridging at all?

Illicit actors’ reasons for bridging funds between networks are both similar and different compared to the general population of bridge users. Possible reasons include:

  • Consolidation. Combining funds through bridging makes them easier to handle and to generally then launder onwards.
  • Obfuscation. Bridging over funds to other networks adds another layer of complexity to tracing funds on-chain. Tracing funds that travel through a bridge requires tracing capability on both networks and linking them through the bridge.
  • Faster and cheaper transactions and to use assets that are not native to the network. Bringing over funds to other faster and cheaper networks can aid illicit actors in transferring their funds more rapidly at a lower cost. The added ability to access assets that aren’t native to the network allow both licit and illicit actors to gain price exposure to a non native asset, while also enjoying the benefits of the other network.
  • To access a broader selection of dApps. As blockchain monitoring has become increasingly popular, so has scrutiny of illicit activity:

a) Instead of immediately cashing out, some illicit actors will choose to bridge over funds and then yield farm with them for a period of time, which has the benefit of passing time and earning interest on their proceeds.

b) Alternatively, illicit actors will also leverage certain DeFi protocols that help break the chain in order to obfuscate the true source of funds.

But how are illicit actors employing these methods in practice? What happens after someone has bridged over funds to another chain? Can you track through a bridge to the other side?

Because of the transparency of the blockchain and of many bridge protocols, we can trace through various bridges to identify the ultimate destination of funds.

Below are some recent examples of how illicit actors are employing bridges and how we can trace through bridges to identify the ultimate destination of funds.

Consolidation and obfuscation — as seen with an NFT phishing scheme

NFT phishing scams are nothing new, but the scale at which NFT phishing scams are occurring on social media is rampant. In this particular case, we observed several Murakami Flower phishing scams, among other popular impending NFT releases.

In this case, we observed that several of these scams bundled together their ill gotten ETH in a novel way.

Instead of pooling their ETH together on Ethereum, they bridged over the funds to the Secret Network, which was likely an attempt to obfuscate the source and destination of funds.

Although they may have bridged over funds to the Secret Network, they continued to bridge over to the same address over and over again. Consolidating funds from various phishing schemes allowed them to better get a grasp on their funds.

Accessing a broader set of dApps — an example of using bridges to then yield farm with ill gotten gains with the Squid Game rug pull

In November 2021, the Squid Game token rug pulled. Although the token was launched on Binance Smart Chain (BSC), funds were bridged over to Ethereum. While this was likely for obfuscation purposes, it was also to gain access to Ethereum-based dApps.

In particular, once the attackers bridged over funds to Ethereum, they opted for two yield farming strategies, which allowed them to earn interest on their ill gotten gains.

The first, was to swap funds to USDT and to supply liquidity to the ETH/USDT Uniswap pool (one of the deepest pools on Uniswap). The second was to take the ETH and to lend it on Compound.

While the attackers have begun to cash out, they have not only waited out the heat but have also made some interest while doing so.

Accessing a broader set of dApps — an example of using a bridge to access DeFi protocols to break the chain of traceability with a malware operation

A malware and ransomware operation primarily sourced funds from victims in Bitcoin over the years. However, in the latter half of 2021, the operation began to bridge over funds to ETH using Ren.

This allowed the attackers to mint renBTC. Using a particular protocol, Curve.Fi Adapter, the operators were able to immediately swap the newly minted renBTC for WBTC. Both renBTC and WBTC are BTC-backed tokens on the Ethereum blockchain. It’s important to note that the attackers specifically wanted WBTC though, which they could then deposit to Compound.

Compound is a DeFi protocol that allows users to earn interest on their deposits. When a user deposits funds into Compound, such as ETH, they are provided with cETH or Compound ETH in return, which can be exchanged through Compound for the original ETH amount deposited plus interest earned. Alternatively, users can also use the cETH as collateral to then borrow other tokens.

And that’s exactly what the malware operations did. They used cBTC as collateral to then borrow stablecoins from Compound, particularly USDT and DAI. And with those stablecoins they then cashed out at various exchanges.

The idea here is that the malware operators were attempting to obfuscate the true source of their funds and to make it seem like they received funds directly from Compound.

What can we do about this?

Because of how public, traceable and permanent the blockchain is, we can leverage it to not only identify illicit actors bridging funds across blockchains but also to stop them. The primary mechanism for this is blockchain analytics.

Here are some steps we can take as an industry to combat illicit actors’ bridging of funds:

  • Work with blockchain intelligence providers to identify cross-chain transactional flows to quickly identify when illicit funds have hopped from one network to another;
  • Block illicit actors addresses’ on both sides of a bridge;
  • Monitor inputs and outputs of protocols that are heavily abused by illicit actors who bridge over funds.

Using these and other tools we aim to preserve the integrity of the ecosystem while also encouraging innovative concepts, like bridges, to expand the crypto economy.





Source link

Tags: Aprbitcoin newsBridgesCoinbasecrypto analysiscrypto newsEthoz EdgeIllicitLatest bitcoin newslatest crypto news
Share76Tweet47

Related Posts

8 Best Yield Farming Crypto Platforms in 2023

by ethozedge
March 24, 2023
0

Earning passive income with cryptocurrency is a goal of many crypto investors. This is understandable, since many crypto investors prefer...

Euler hacker offers to negotiate return of funds

by ethozedge
March 20, 2023
0

Ad A hacker who recently exploited Euler Finance is attempting to arrange the return of stolen funds, as seen in...

Is AAVE a Good Investment? – Cryptopolitan

by ethozedge
March 20, 2023
0

Aave Price Prediction 2023-2032 A proposal to reward members of the Aave Companies with $16.28 million in retroactive funding for the development...

Arbitrum’s weekly DEX volume touches new ATH

by ethozedge
March 20, 2023
0

Arbitrum’s decentralized exchange (DEX) transactions volume rose to a new all-time high (ATH) in each of the last two weeks,...

BitGo Successfully Patched A Critical Vulnerability

by ethozedge
March 18, 2023
0

Last updated Mar 18, 2023 The Fireblocks team identified a critical vulnerability in the BitGo platform’ wallet and later the...

Load More
  • Trending
  • Comments
  • Latest

🔴 Bank of America Bets on Crypto

April 11, 2022

Pomelo Launches Family Credit Cards to Combine Credit and International Money Transfer

August 16, 2022

How to Add Polygon (MATIC) to Your MetaMask Wallet

May 28, 2022

The Sandbox Price Prediction 2022-2030: HODL or DUMP?

May 25, 2022

Successful Beta Service launch of SOMESING, ‘My Hand-Carry Studio Karaoke App’

0

At least 54 apes were stolen in BAYC Instagram hack

0

Binance Introduces New Crypto Card for Ukrainian Refugees

0

55,000 Meta Cricket League NFTs sell out in nine minutes

0

Crypto Trader Maps Path Forward for Aptos and Chainlink, Predicts Altcoins Will Fly Once Bitcoin Cools Off

March 25, 2023

Billionaire VC Tim Draper Tells Businesses To Keep Payroll In Bitcoin

March 25, 2023

Why We Opened The Belgrade Bitcoin Hub

March 25, 2023

Bitcoin Was a Winner During the U.S. Banking Crisis, but Illiquidity Prevents It From Being a USD Hedge

March 25, 2023
Facebook Twitter LinkedIn Tumblr RSS
EthozEdge

Find the latest Bitcoin, Ethereum, blockchain, crypto, Business, Fintech News, interviews, and price analysis at EthozEdge

CATEGORIES

  • Altcoin News
  • Avalanche Network
  • Binance Smart Chain
  • Bitcoin
  • Blockchain
  • Crypto Exchanges
  • Crypto Mining
  • Crypto Regulation News
  • DeFi
  • Ethereum
  • EVM News
  • Fantom Opera Chain
  • Harmony Chain
  • Huobi Eco Chain
  • Metaverse
  • NFT
  • Polygon Chain
  • Scam News
  • Web 3.0
  • XDai Chain

SITE MAP

  • Disclaimer
  • Privacy Policy
  • DMCA
  • Cookie Privacy Policy
  • Terms and Conditions
  • Contact us

Copyright © 2022 - EthozEdge.
EthozEdge The Crypto is not responsible for the content of external sites.

No Result
View All Result
  • Home
  • ETHO News
  • EVM News
    • Avalanche Network
    • Ethereum
    • Fantom Opera Chain
    • Harmony Chain
    • Huobi Eco Chain
    • Polygon Chain
  • Crypto News
    • Altcoin News
    • Bitcoin
    • Blockchain
    • Crypto Exchanges
    • Crypto Mining
    • Crypto Regulation News
    • DeFi
    • NFT
    • Metaverse
    • Scam News
    • Web 3.0

Copyright © 2022 - EthozEdge.
EthozEdge The Crypto is not responsible for the content of external sites.

Welcome Back!

Login to your account below

Forgotten Password?

Retrieve your password

Please enter your username or email address to reset your password.

Log In
  • JDBJDB(JDB)$0.021575-0.61%
  • bitcoinBitcoin(BTC)$27,688.00-0.23%
  • ethereumEthereum(ETH)$1,757.790.50%
  • USDEXUSDEX(USDEX)$1.07-0.47%
  • tetherTether(USDT)$1.01-0.16%
  • binancecoinBNB(BNB)$324.531.26%
  • usd-coinUSD Coin(USDC)$1.000.11%
  • rippleXRP(XRP)$0.4596247.65%
  • cardanoCardano(ADA)$0.359657-1.04%
  • dogecoinDogecoin(DOGE)$0.0754641.55%
  • staked-etherLido Staked Ether(STETH)$1,756.910.75%
  • matic-networkPolygon(MATIC)$1.101.00%
  • binance-usdBinance USD(BUSD)$1.000.43%
  • solanaSolana(SOL)$20.780.26%
  • polkadotPolkadot(DOT)$6.02-0.86%
  • litecoinLitecoin(LTC)$92.501.34%
  • shiba-inuShiba Inu(SHIB)$0.0000111.05%
  • tronTRON(TRX)$0.0642710.59%
  • avalanche-2Avalanche(AVAX)$16.81-1.17%
  • daiDai(DAI)$1.000.20%
  • uniswapUniswap(UNI)$5.83-2.08%
  • wrapped-bitcoinWrapped Bitcoin(WBTC)$27,782.000.11%
  • chainlinkChainlink(LINK)$7.11-2.61%
  • cosmosCosmos Hub(ATOM)$11.26-0.24%
  • leo-tokenLEO Token(LEO)$3.37-1.26%
  • ToncoinToncoin(TON)$2.111.23%
  • moneroMonero(XMR)$164.354.38%
  • ethereum-classicEthereum Classic(ETC)$20.361.09%
  • okbOKB(OKB)$42.20-2.08%
  • Aerarium FiAerarium Fi(AERA)$7.15-13.10%
  • bitcoin-cashBitcoin Cash(BCH)$126.341.37%
  • stellarStellar(XLM)$0.0921193.62%
  • filecoinFilecoin(FIL)$5.54-0.87%
  • AptosAptos(APT)$11.91-3.73%
  • true-usdTrueUSD(TUSD)$1.000.44%
  • hedera-hashgraphHedera(HBAR)$0.0608031.12%
  • quant-networkQuant(QNT)$123.691.38%
  • lido-daoLido DAO(LDO)$2.08-3.35%
  • crypto-com-chainCronos(CRO)$0.0689400.70%
  • nearNEAR Protocol(NEAR)$1.95-1.90%
  • vechainVeChain(VET)$0.0230500.37%
  • ArbitrumArbitrum(ARB)$1.26-0.72%
  • apecoinApeCoin(APE)$4.163.06%
  • algorandAlgorand(ALGO)$0.2113580.22%
  • internet-computerInternet Computer(ICP)$4.990.18%
  • blockstackStacks(STX)$0.97-5.66%
  • fantomFantom(FTM)$0.451028-1.23%
  • eosEOS(EOS)$1.15-2.40%
  • the-graphThe Graph(GRT)$0.141198-1.35%
  • the-sandboxThe Sandbox(SAND)$0.630.27%
  • decentralandDecentraland(MANA)$0.590.58%
  • elrond-erd-2MultiversX(EGLD)$42.40-0.08%
  • fraxFrax(FRAX)$1.00-0.05%
  • tezosTezos(XTZ)$1.13-1.02%
  • aaveAave(AAVE)$72.34-1.87%
  • theta-tokenTheta Network(THETA)$1.020.21%
  • flowFlow(FLOW)$0.97-1.08%
  • axie-infinityAxie Infinity(AXS)$8.410.97%
  • immutable-xImmutableX(IMX)$1.06-6.73%
  • neoNEO(NEO)$12.16-2.64%
  • kucoin-sharesKuCoin(KCS)$8.76-0.83%
  • havvenSynthetix Network(SNX)$2.49-2.64%
  • paxos-standardPax Dollar(USDP)$1.00-0.06%
  • rocket-poolRocket Pool(RPL)$38.75-0.44%
  • BitDAOBitDAO(BIT)$0.52-0.19%
  • WhiteBIT TokenWhiteBIT Token(WBT)$5.123.00%
  • gatechain-tokenGate(GT)$5.16-1.69%
  • terra-lunaTerra Luna Classic(LUNC)$0.0001230.14%
  • usddUSDD(USDD)$1.000.31%
  • curve-dao-tokenCurve DAO(CRV)$0.931.60%
  • mina-protocolMina Protocol(MINA)$0.82-1.84%
  • bitcoin-cash-svBitcoin SV(BSV)$37.041.62%
  • optimismOptimism(OP)$2.25-1.25%
  • klay-tokenKlaytn(KLAY)$0.228167-0.16%
  • pancakeswap-tokenPancakeSwap(CAKE)$3.731.76%
  • conflux-tokenConflux(CFX)$0.321354-4.67%
  • dashDash(DASH)$59.70-2.41%
  • chilizChiliz(CHZ)$0.1205741.40%
  • sapphireSapphire(SAPP)$0.7035.32%
  • CloutContractsCloutContracts(CCS)$52.461,000.00%
  • makerMaker(MKR)$669.670.57%
  • ecasheCash(XEC)$0.0000311.00%
  • gmxGMX(GMX)$69.99-0.78%
  • huobi-tokenHuobi(HT)$3.670.63%
  • bittorrentBitTorrent(BTT)$0.0000012.48%
  • iotaIOTA(MIOTA)$0.208664-0.07%
  • frax-shareFrax Share(FXS)$7.81-0.16%
  • Bitget TokenBitget Token(BGB)$0.3969100.47%
  • singularitynetSingularityNET(AGIX)$0.454467-5.60%
  • xdce-crowd-saleXDC Network(XDC)$0.0395683.39%
  • compound-ethercETH(CETH)$35.44-0.65%
  • EdgecoinEdgecoin(EDGT)$1.00-0.12%
  • pax-goldPAX Gold(PAXG)$2,003.760.09%
  • trust-wallet-tokenTrust Wallet(TWT)$1.212.82%
  • Tokenize XchangeTokenize Xchange(TKX)$6.22-1.52%
  • tether-goldTether Gold(XAUT)$1,990.640.10%
  • binaryxBinaryX(BNX)$165.94-5.94%
  • Halo CoinHalo Coin(HALO)$0.057352-0.04%
  • zilliqaZilliqa(ZIL)$0.027321-0.21%
  • compound-usd-coincUSDC(CUSDC)$0.022907-0.02%
  • osmosisOsmosis(OSMO)$0.80-0.23%
  • FlareFlare(FLR)$0.0358588.91%
  • loopringLoopring(LRC)$0.3453680.64%
  • radixRadix(XRD)$0.041777-1.12%
  • render-tokenRender(RNDR)$1.17-5.27%
  • 1inch1inch(1INCH)$0.51-0.12%
  • nexoNEXO(NEXO)$0.754.95%
  • thorchainTHORChain(RUNE)$1.400.17%
  • mask-networkMask Network(MASK)$5.49-7.14%
  • arweaveArweave(AR)$8.120.12%
  • Rocket Pool ETHRocket Pool ETH(RETH)$1,883.230.41%
  • oec-tokenOKC Token(OKT)$22.33-0.37%
  • kavaKava(KAVA)$0.871.51%
  • gemini-dollarGemini Dollar(GUSD)$1.000.40%
  • enjincoinEnjin Coin(ENJ)$0.3898070.52%
  • fetch-aiFetch.ai(FET)$0.3733992.58%
  • cdaicDAI(CDAI)$0.0222450.01%
  • convex-financeConvex Finance(CVX)$5.130.52%
  • casper-networkCasper Network(CSPR)$0.0356381.86%
  • zcashZcash(ZEC)$35.81-0.10%
  • btse-tokenBTSE Token(BTSE)$2.35-0.96%
  • DeFiChainDeFiChain(DFI)$0.55-1.15%
  • EthereumPoWEthereumPoW(ETHW)$3.410.15%
  • dydxdYdX(DYDX)$2.35-4.05%
  • DogechainDogechain(DC)$0.001787-24.98%
  • basic-attention-tokenBasic Attention(BAT)$0.239377-1.34%
  • nemNEM(XEM)$0.0392000.01%
  • FLOKIFLOKI(FLOKI)$0.0000362.26%
  • ethereum-name-serviceEthereum Name Service(ENS)$13.28-1.04%
  • WEMIXWEMIX(WEMIX)$1.38-1.11%
  • Nexus MutualNexus Mutual(NXM)$49.56-0.56%
  • baby-doge-coinBaby Doge Coin(BABYDOGE)$0.0000000.49%
  • BeldexBeldex(BDX)$0.06319313.49%
  • qtumQtum(QTUM)$3.13-3.17%
  • woo-networkWOO Network(WOO)$0.194723-1.07%
  • Aleph ZeroAleph Zero(AZERO)$1.46-0.77%
  • decredDecred(DCR)$21.650.60%
  • theta-fuelTheta Fuel(TFUEL)$0.052724-0.48%
  • holotokenHolo(HOT)$0.001790-1.59%
  • injective-protocolInjective(INJ)$3.95-5.48%
  • terra-luna-2Terra(LUNA)$1.30-0.08%
  • MagicMagic(MAGIC)$1.46-4.26%
  • ravencoinRavencoin(RVN)$0.0259260.24%
  • kusamaKusama(KSM)$33.26-0.37%
  • KaspaKaspa(KAS)$0.016927-1.12%
  • galaGALA(GALA)$0.039379-1.25%
  • celoCelo(CELO)$0.60-0.90%
  • compound-governance-tokenCompound(COMP)$42.61-0.15%
  • bitcoin-goldBitcoin Gold(BTG)$16.54-0.30%
  • oasis-networkOasis Network(ROSE)$0.056904-1.29%
  • olympusOlympus(OHM)$10.270.22%
  • Gains FarmGains Farm(GFARM2)$7,940.81-0.41%
  • gnosisGnosis(GNO)$108.280.08%
  • safemoonSafeMoon [OLD](SAFEMOON)$0.0000000.83%
  • yearn-financeyearn.finance(YFI)$8,345.46-1.48%
  • linkLINK(LN)$41.130.16%
  • AstarAstar(ASTR)$0.0621781.95%
  • balancerBalancer(BAL)$6.772.70%
  • ankrAnkr Network(ANKR)$0.033054-2.97%
  • Access ProtocolAccess Protocol(ACS)$0.008950-3.73%
  • audiusAudius(AUDIO)$0.269552-0.06%
  • liquity-usdLiquity USD(LUSD)$1.020.33%
  • chiaChia(XCH)$38.312.78%
  • omisegoOMG Network(OMG)$1.87-6.50%
  • Bone ShibaSwapBone ShibaSwap(BONE)$1.134.38%
  • harmonyHarmony(ONE)$0.0208631.61%
  • IdeaChainIdeaChain(ICH)$4.730.00%
  • ftx-tokenFTX(FTT)$1.89-21.52%
  • nucypherNuCypher(NU)$0.196788-0.76%
  • Crypto Gladiator LeagueCrypto Gladiator League(CGL)$0.16194440.57%
  • huobi-btcHuobi BTC(HBTC)$27,598.00-0.15%
  • SSV NetworkSSV Network(SSV)$34.640.66%
  • AstraferAstrafer(ASTRAFER)$1.560.10%
  • stepnSTEPN(GMT)$0.385627-1.56%
  • golemGolem(GLM)$0.2407940.33%
  • convex-crvConvex CRV(CVXCRV)$0.801.90%
  • Manchester City Fan TokenManchester City Fan Token(CITY)$11.87-1.78%
  • iotexIoTeX(IOTX)$0.024507-5.58%
  • justJUST(JST)$0.025972-0.01%
  • world-mobile-tokenWorld Mobile Token(WMT)$0.2920233.33%
  • DAO MakerDAO Maker(DAO)$1.540.57%
  • escoin-tokenEscoin(ELG)$2.840.94%
  • moonbeamMoonbeam(GLMR)$0.375456-1.28%
  • Meerkat SharesMeerkat Shares(MSHARE)$11,715.17-5.03%
  • tether-eurtEuro Tether(EURT)$1.080.49%
  • band-protocolBand Protocol(BAND)$1.796.12%
  • BlurBlur(BLUR)$0.53-0.85%
  • jasmycoinJasmyCoin(JASMY)$0.004642-1.40%
  • Staked LunaStaked Luna(STLUNA)$88.35-0.49%
  • Frax EtherFrax Ether(FRXETH)$1,752.52-0.02%
  • Gains NetworkGains Network(GNS)$7.13-4.11%
  • ecomiECOMI(OMI)$0.000803-1.21%
  • amp-tokenAmp(AMP)$0.003847-1.02%
  • wavesWaves(WAVES)$2.15-0.06%
  • kadenaKadena(KDA)$0.95-3.67%
  • bloxBlox(CDT)$0.294599-18.20%
  • siacoinSiacoin(SC)$0.004034-0.90%
  • iconICON(ICX)$0.217295-1.02%
  • Ankr Staked ETHAnkr Staked ETH(ANKRETH)$1,925.73-2.13%
  • terrausdTerraClassicUSD(USTC)$0.0207961.61%