In a major security breach of the new month, the Nervos Network’s Force Bridge has suffered a $3 million exploit with the hacker stealing multiple assets and swapping it all into ETH, prior to white-washing it through Tornado Cash. Force Bridge is a cross-chain protocol that connects Ethereum and Nervos.
The onchain security firm Cyvers reported the incident on X, revealing that a suspicious address gained control of the bridge and siphoned off assets including 257.8K USDT, 539.09 ETH, 898.3K USDC, 60.4K DAI, and 0.79 WBTC. The stolen funds were swiftly swapped to ETH and funneled through Tornado Cash, a cryptocurrency mixer infamous for laundering illicit proceeds.
Force Bridge, launched on Nervos’ mainnet in 2021, enables seamless transactions between Nervos and other multiple blockchain networks, including Ethereum.
Despite a secure protocol infrastructure and reliance on multi-signature wallets for security, the breach has exposed Force Bridge’s vulnerabilities in its smart contracts. Magickbase, the developer firm associated with Force Bridge, announced to pause services and team investigation on the abnormal activity.
This exploit underscores the persistent risks in DeFi, where hacks remain rampant. Moreover, the use of Tornado Cash to obscure the funds echoes its controversial history, including a 2023 U.S. indictment of its founders for laundering over $1 billion, often linked to North Korean cybercrime.
Also read: ZachXBT Calls on BitoPro to Explain $11.5M Hot Wallet Breach
