Quick Takeaways
- Hackers tried to steal over $1 million worth of BONE Token using a flash loan trick.
- Developers stepped in fast, freezing the stolen tokens before they could be moved.
- Staking is now paused, and new security steps are in place to prevent future attacks.
BONE Token at the Heart of a Failed Flash Loan Exploit
The Shiba Inu ecosystem had a close call this week. A hacker or possibly a group tried to exploit the Shibarium bridge by targeting the BONE Token, a key part of the network’s governance and validator system.
They weren’t just messing around. The attacker tried to use a flash loan to get their hands on 4.6 million BONE tokens, which gave them temporary power to approve fake transactions.
Their goal? To drain the bridge of assets and walk away with nearly $1 million worth of tokens.
But things didn’t go as planned for them.
Thanks to BONE staking and the Shiba Inu team’s quick move, most stolen tokens were frozen before leaving.
How the BONE Token Attack Actually Happened
This wasn’t your average rug pull or phishing scam. It was well-planned and highly technical.
Here’s what went down:
- Flash Loan Setup
The attacker took out a flash loan on ShibaSwap to buy a huge amount of BONE Token enough to temporarily influence Shibarium’s validator network. - Validator Takeover
With that power, they pushed through a fake approval that let them drain 224.57 ETH and 92.6 billion SHIB tokens from the bridge. - Covering Their Tracks
About 216 ETH went to repay the flash loan, making it look like nothing was stolen, but that wasn’t true. - Why They Failed
Luckily, the BONE tokens were still staked, giving the Shiba Inu team time to freeze the funds before any damage was done. - Another Failed Attempt
The attacker tried dumping $700K in KNINE tokens, but the K9 FinanceDAO multisig team blocked it in time.
What the Shiba Inu Team Did to Protect the BONE Token
Once the attack was spotted, the devs quickly locked things down to stop further damage:
- Staking Paused
First, they paused all staking and unstaking of BONE Token to stop any similar attacks. - Funds Moved to Multisig Wallets
They moved the funds to a hardware wallet with a 6-of-9 multisig, requiring several trusted signers for any transaction. - Validator Keys Replaced
They’re also working on issuing new validator keys to prevent this kind of exploit from happening again. - Investigation Launched
Developers teamed up with top security firms like PeckShield, Seal911, and Hexens to trace the attacker and understand the full picture. - Offer to the Attacker
In a twist, the team offered the hacker a deal to return the funds and avoid legal action. They even offered a bounty as an incentive.
What Happened to the BONE Token Price?
You’d think a hack attempt like this would tank the token, right? But no BONE Token actually jumped nearly 40%after the news broke.
That’s most likely due to the developers’ prompt and open handling of the matter. SHIB experienced a minor increase of roughly 8%, but the ecosystem as a whole appeared to exhale in relief.
Curiously, the team was implementing a significant ShibaSwap update at the time of all this drama. The new version now supports swaps on Polygon, Arbitrum, Base, and other networks without relying on external bridges, which were the main target of this attack.
Lucie, one of the ecosystem’s leads, said it best:
“This upgrade makes ShibaSwap a real multi-chain player and lays the groundwork for deeper Shibarium integration.”
