Shibarium (Bridge): Flash Loan Validator Capture → Fraudulent Checkpoint → Bridge Drain
An attacker flash-loaned enough BONE to control 10 of Shibarium's 12 validators in a single block, signed fraudulent bridge checkpoints, and drained $3M — exactly the attack L2BEAT had warned about in writing.
Summary #
Shibarium (Bridge) suffered a Bridge / L2 Infrastructure on 2025-09-12, resulting in a loss of approximately $3M.
What happened #
An attacker flash-loaned enough BONE to control 10 of Shibarium's 12 validators in a single block, signed fraudulent bridge checkpoints, and drained $3M — exactly the attack L2BEAT had warned about in writing.
Linked factors #
- RD-F-100 — illustrative : Flash loan > $10M origination — RT signal [via realtime_signals/Unusual borrowing: Y — 4.6M BONE flash-purchased in same block as exploit; validator power spiked anomalously]
- RD-F-126 — causal : Is-a-fork-of (Cat 8 anchor) [via dashboard_risk_factors/Forked?: Y — Polygon PoS-derived architecture]