Secret Network’s Axelar bridge drained for $4.67 million in infinite-mint exploit that went unnoticed for seven days
Secret Network says about $770,000 of the stolen funds still sits in the attacker's Axelar wallet, and that Axelar declined its request to freeze it.
A critical security vulnerability in Secret Network's Axelar bridge resulted in the theft of approximately $4.67 million through an infinite-mint exploit. The attack went undetected for seven days before being identified, allowing the attacker to drain funds from the bridge over an extended period. Secret Network has since disclosed that roughly $770,000 of the stolen assets remains in the attacker's Axelar wallet. However, the network confirmed that Axelar declined its formal request to freeze those funds.
Secret Network is a privacy-focused blockchain that enables encrypted smart contracts, while Axelar provides cross-chain communication infrastructure connecting various blockchain ecosystems. Infinite-mint exploits typically involve a vulnerability that allows an attacker to fraudulently create or mint tokens beyond a protocol's intended supply limits, enabling them to drain liquidity or bridged assets without immediate detection.
The incident raises renewed concerns about the security of cross-chain bridge infrastructure, which has historically been a significant target for malicious actors. Bridge exploits have collectively accounted for billions of dollars in losses across the broader cryptocurrency industry, and this latest event underscores ongoing challenges in monitoring and auditing cross-chain protocols in real time. The seven-day detection gap also highlights the difficulty of identifying such exploits before substantial damage occurs.
Observers will be watching whether Secret Network pursues further legal or on-chain recovery options for the remaining frozen funds, and whether Axelar revisits its decision regarding the wallet in question.
Source: The Block
