On September 18, the security agency BlockSec said that it was detected that the attacker was replaying PoS chain messages in Ethereum Pow. The root cause of this vulnerability is that the bridge did not correctly verify the actual chainid of cross chain messages.
The attacker first transferred 200 WETH through omni bridge of Gnosis chain, and then replayed the same message on PoW chain to obtain an additional 200 ETHW. As a result, the balance of the chain contracts deployed on the PoW chain will be exhausted.