Overview

• Shiba Inu created an on-chain escrow offering 50 ETH to the exploiter contingent on returning all tokens and providing a full technical disclosure, with a conditional legal waiver upon verified restitution.
• The attacker used a flash-loan-style swap to amass 4.6 million BONE, delegated it to Ryoshi Validator 1 to exceed two-thirds voting power, and pushed a malicious state co-signed by compromised internal validators.
• Seventeen assets were taken from the canonical bridge, including about $1.0 million in ETH, $1.3 million in SHIB, $717,000 in KNINE, $680,000 in LEASH, and $260,000 in ROAR.
• Bridge operations remain suspended as most stolen tokens stay under the attacker’s control, with USDC and USDT converted to ETH and attempted KNINE sales blocked after K9 Finance DAO blacklisted the wallet.
• Shiba Inu revoked key bridge permissions, tightened Plasma path parameters, engaged firms such as PeckShield, Tikkala Security, and Pulse Digital for forensics, and says a detailed post-mortem will follow.