BNB Chain Hacked, $100 M drained
On October 6, a glitch was discovered on the BNB Chain that allowed someone to create $570 million worth of BNB tokens. The BNB Chain was halted for a few hours while a software patch was created. The good news is that the hacker retrieved a smaller amount.
BNB Chain had to stop on Thursday, October 6, as the blockchain that has ties to the largest crypto exchange in the world suffered what it called a ‘potential exploit.’ On-chain evidence indicated that the potential exploit could have been used to target hundreds of millions of crypto dollars.
BNB Chain is made up of BNB Beacon Chain (BSC) and BNB Smart Chain.
“Due to irregular activity we’re temporarily pausing BSC,” BNB Chain tweeted. Later, it confirmed that the activity was a potential exploit that it described as contained.
Due to irregular activity we're temporarily pausing BSC. We apologize for the inconvenience and will provide further updates here.
— BNB Chain (@BNBCHAIN) October 6, 2022
Thank you for your patience and understanding.
Initial token movements indicated that 2 million BSC tokens worth approximately $570 million were being targeted by an attacker on Thursday. However, in a tweet, Binance CEO Changpeng Zhao stated that the attacker could only get away with $100 million. BNB Chain also tweeted to say that $7 million was already frozen.
An exploit on a cross-chain bridge, BSC Token Hub, resulted in extra BNB. We have asked all validators to temporarily suspend BSC. The issue is contained now. Your funds are safe. We apologize for the inconvenience and will provide further updates accordingly.
— CZ 🔶 Binance (@cz_binance) October 6, 2022
The fact that such a small amount of assets was stolen underlines the benefits of BNB’s choice to stop the chain and not risk any more assets fleeing. Blockchains are supposedly decentralized entities that can operate independently from single entities. It is impossible to flip a switch to turn it on or off.
On a Reddit thread, BSC confirmed it coordinated the shutdown of the chain following issues with the BSC Token Hub protocol. This protocol is the clearing house for crypto transactions between the Binance-linked Blockchain’s interlocking components. The BSC team thanked the validators for their speedy action.
After confirming that the chain was halted, the team thanked the validators for their cooperation.
We want to thank all node service providers for their quick and attentive response.
— BNB Chain (@BNBCHAIN) October 6, 2022
Since then, the chain has been back online, and BNB Chain stated that it would hold a series of on-chain governance votes to decide whether or not the hacker funds should be frozen. A vote will be held on a bug bounty system that will reward those who prevent future hacks.
BSC’s native BNB token was rocked by the threat of an attack. It dropped to $278 from $293.10, according to CoinMarketCap, which Binance owns.
On-chain data shows two large withdrawals of 1,000,000 BSC tokens by an attacker who seized crypto assets with cross-chains bridges, swaps, and loans. BNB’s Twitter account assured that all funds were safe and promised to “help freeze any transfer.”
Twitter detectives have discovered that Tether, the largest stablecoin provider, has blacklisted the address in question. This suggests that Tether suspects that the tokens were moved as a result of an attack.
BNB Smart Chain has resumed
The official Twitter account of BNB chain has tweeted that the chain is back in business after a software update was issued to prevent hackers from accessing accounts.
📢BNB Smart Chain (BSC) is running ok from 20+ mins ago.
— BNB Chain (@BNBCHAIN) October 7, 2022
The validators are confirming their status and the community infrastructure are upgrading as well.
BNB Smart Chain (BSC), which was reopened at 06:40 UTC after chain validators had adopted a software upgrade that would close an exploit used by hackers for stealing funds from the chain.