QUADRIGA INITIATIVE
CRYPTO WATCHDOG & FRAUD RECOVERY PLATFORM
A COMMUNITY-BASED, NOT-FOR-PROFIT
$2 800 000 USD
SEPTEMBER 2025
GLOBAL
SHIBARIUM
DESCRIPTION OF EVENTS

Shibarium is a Layer 2 blockchain solution designed to enhance the Shiba Inu ecosystem by providing a faster, more cost-efficient, and secure platform for decentralized applications (dApps). Built on Ethereum’s robust infrastructure, Shibarium leverages the security and reliability of Ethereum while addressing key challenges like high transaction fees and slow processing speeds. By doing so, Shibarium aims to empower users, developers, and businesses within the Shiba Inu community and beyond. Its low-cost, high-speed transactions make it an attractive option for both small and large-scale operations.
At its core, Shibarium utilizes a Proof-of-Stake (PoS) consensus mechanism, where validators stake BONE tokens to participate in securing the network and validating transactions. This PoS system not only ensures the security and decentralization of the blockchain but also promotes transparency and accountability. Transactions on the Shibarium network are fully transparent, enabling users to track all activities, and are processed with minimal fees, making it an economical choice for those seeking to interact with blockchain technology. These features align with Shibarium’s overarching goal of offering a blockchain "for the people."
Shibarium also serves as the foundation for the broader Shiba Inu ecosystem, including projects like ShibaSwap and the Shiba Metaverse. Its focus on scalability and efficiency makes it an ideal platform for developers looking to build new dApps or integrate existing ones into the ecosystem. Additionally, the inclusion of tools for validators and developers, as well as resources for token bridging and staking, ensures a seamless experience for users at all levels. By decentralizing operations and ensuring low fees and high-speed transactions, Shibarium positions itself as an essential tool for the growth of the Shiba Inu community and the wider blockchain space.
Unfortunately, it appears that the vast majority of the Shibarium validators were compromised: 10 of 12.
The attacker exploited a flash loan to acquire 4.6 million BONE tokens, gained access to validator signing keys, and used majority validator power to sign a malicious state that drained assets from the bridge. The attacker approved fraudulent checkpoints to withdraw funds from the bridge.
The hack exploited a critical flaw in Shibarium’s security model, which relies on a small number of validators (12 in total) to secure the network. Shibarium’s consensus mechanism requires just 8 out of 12 validator signatures (a two-thirds majority) to approve state checkpoints. The attacker compromised 10 of the 12 validator signing keys, essentially taking control of the network’s ability to approve transactions. By using a flash loan to acquire 4.6 million BONE tokens, the attacker gained temporary voting power, enabling them to participate in the attack. This allowed them to sign fraudulent checkpoints, drain assets from the bridge, and immediately repay the loan with the stolen funds—without any complex smart contract manipulations.
The attack was made possible by Shibarium's lack of fraud detection in the bridge contract, which processes transfers based purely on validator consensus. The absence of validity proofs meant that as long as enough validators approved a transaction, Ethereum’s contracts would release the funds. This made the network vulnerable to manipulation when a majority of validators could be co-opted with the flash loan, allowing the attacker to exploit the system’s design flaw. L2BEAT had previously flagged this scenario as a significant risk, warning that "funds can be stolen if validators submit a fraudulent checkpoint." Unfortunately, this warning was ignored, and the security model’s reliance on trusting the majority of validators proved to be a fatal weakness.
Tikkala Security:
"Shibaswap rootchain manager contract uses the stored root Merkle hash in each checkpoint. Somehow, an attack could add a "legit" checkpoint root hash with signatures from 10 signers. For each exit() call in the root chain manager contract, it verifies if any request is a legitimate leaf under that root hash. As soon as the attacker controls the root hash, they can manipulate as many leaves as they want."
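The acceptance logic described above and in the Tikkala Security quote, as an added toy model in Python (not Shibarium's contract code and not part of the original page): the bridge counts signer ids against the 8-of-12 threshold and checks Merkle inclusion under a stored root, while `watcher_flags` is the kind of independent recomputation the page says was missing. `ToyBridge`, `watcher_flags`, the SHA-256 tree layout and the sample leaves are assumptions made for illustration, and real signature verification is abstracted to counting ids.

```python
import hashlib
THRESHOLD, VALIDATORS = 8, 12  # figures stated on the page

def h(data):
    return hashlib.sha256(data).digest()

def parent(level):
    level = level + level[-1:] * (len(level) % 2)  # duplicate last node if odd
    return [h(level[i] + level[i + 1]) for i in range(0, len(level), 2)]

def merkle_root(leaves):
    level = [h(x) for x in leaves]
    while len(level) > 1:
        level = parent(level)
    return level[0]

def merkle_proof(leaves, index):
    level, proof = [h(x) for x in leaves], []
    while len(level) > 1:
        sibling = level[min(index ^ 1, len(level) - 1)]
        proof.append((sibling, index & 1))  # flag: node is the right child
        level, index = parent(level), index // 2
    return proof

def verify_leaf(root, leaf, proof):
    node = h(leaf)
    for sibling, node_is_right in proof:
        node = h(sibling + node) if node_is_right else h(node + sibling)
    return node == root

class ToyBridge:  # signature checks reduced to counting distinct signer ids
    def __init__(self):
        self.roots = set()
    def submit_checkpoint(self, root, signer_ids):
        ok = len({s for s in signer_ids if 0 <= s < VALIDATORS}) >= THRESHOLD
        if ok:
            self.roots.add(root)
        return ok
    def exit(self, root, leaf, proof):  # inclusion only; L2 validity is never checked
        return root in self.roots and verify_leaf(root, leaf, proof)

def watcher_flags(root, observed_l2_exits):  # independent recomputation
    return merkle_root(observed_l2_exits) != root

def demo():
    seen = [b"alice:10", b"bob:5", b"carol:7"]  # constructed L2 exits
    claimed = seen + [b"unbacked:1000000"]  # last leaf has no L2 exit
    bridge, root = ToyBridge(), merkle_root(claimed)
    votes = [bridge.submit_checkpoint(root, range(n)) for n in (7, 10)]
    return votes, bridge.exit(root, claimed[3], merkle_proof(claimed, 3)), watcher_flags(root, seen)
```

`demo()` shows the same root rejected with 7 signers and accepted with 10, after which the unbacked leaf passes `exit()`; only the watcher, which rebuilds the root from exits it observed itself, reports the mismatch.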
Losses were originally reported as $2.8m by Tikkala Security. Rekt News calls the situation "a $3 million heist".
To mitigate the impact of the attack, Kaal Dhairya and the Shiba Inu team took swift action by pausing the stake/unstake functionality to prevent any further unauthorized transactions. They also transferred the stake manager funds to a hardware wallet, which is secured by a trusted 6/9 multisig group, ensuring that the funds are temporarily protected while they assess the situation and investigate the extent of any potential compromise to the validator keys. These measures were put in place to safeguard the assets and maintain control over the network during this critical period.
The Shibarium team is currently assessing the situation and its next steps. While the attacker was able to compromise the majority of Shibarium's validator keys and steal funds from the bridge, key actions have been taken to limit further damage and protect community assets. Shibarium's team immediately paused the stake/unstake functionality and transferred the stake manager’s funds to a hardware wallet secured by a trusted 6/9 multisig group. This move was temporary to prevent any further unauthorized access while the extent of the validator key compromise was being assessed.
The attack’s aftermath revealed the critical weakness in Shibarium’s bridge security model, which depends on consensus rather than verification. The exploit showcased how vulnerable Shibarium was to this model, with L2BEAT having already warned about the risk of stolen funds if validators were to submit fraudulent checkpoints. While efforts are underway to address the situation and recover some of the funds, the Shibarium incident serves as a cautionary tale about the perils of placing too much trust in a central group of validators without proper checks.
This attack has raised fundamental questions about decentralization on Shibarium—specifically whether it was truly decentralized or merely an illusion, especially when only two validators acted independently while others fell in line with the malicious checkpoint. The Shibarium team has offered a bounty for the return of the stolen funds, reflecting a dire situation where the perpetrators seem to have the upper hand, despite the frozen assets and ongoing investigation.
Once the security of the validator keys is confirmed and the stake manager funds are restored, the next priority would likely be to verify if any user funds were affected. If any assets were drained or lost due to the attack, the Shiba Inu team would need to consider compensation or other remedies to restore user balances, potentially working with the community to determine a fair solution.
Looking ahead, the team is focused on verifying the integrity of the validator control and completing the secure transfer of keys. They plan to restore the stake manager funds once everything is confirmed secure. They are actively collaborating with cybersecurity firms like Hexens, Seal 911, and PeckShield to investigate the breach, and authorities have been notified. If the attacker returns the stolen funds, the team is open to negotiating, offering a small bounty and no legal action. The priority remains securing the network and community assets.
Shibarium, a Layer 2 blockchain designed to enhance the Shiba Inu ecosystem with faster and cheaper transactions, suffered a major attack on September 12, 2025. The exploit targeted its validator model, where 10 out of 12 validators were compromised through a flash loan attack. The attacker gained majority control, used 4.6 million BONE tokens to temporarily gain voting power, and authorized fraudulent state checkpoints to withdraw funds from the bridge. This attack revealed a critical flaw in Shibarium's security, which relied on validator consensus without fraud detection. Immediate actions included pausing stake/unstake functionality and securing funds in a multisig wallet. The team is investigating the breach, collaborating with cybersecurity firms, and offering a bounty for the return of stolen assets. The incident has raised concerns about Shibarium's decentralization and the vulnerability of its consensus model.
Shibarium Rekt - Etherscan (Sep 24)
Attacker Address - Etherscan (Sep 24)
Legit Merkle Root Added And Large Attack - Etherscan (Sep 24)
Kaal Dhairya - "Earlier today, a sophisticated ( probably planned for months ) attack was carried out using a flash loan to purchase 4.6M BONE. The attacker gained access to validator signing keys, achieved majority validator power, and signed a malicious state to drain assets from the bridge." - Twitter/X (Sep 24)
PeckShield - "Hi @ShytoshiKusama, you may want to take a look" - Twitter/X (Sep 24)
Second Attack Transaction - Etherscan (Sep 24)
Shibarium Webpage (Sep 24)
Why Shibarium? - Shibarium Docs (Sep 24)
Get Started on Shibarium - Shibarium Docs (Sep 24)
Shiba Inu Homepage (Sep 24)
Shibaswap Root Chain Manager Contract - Etherscan (Sep 24)
