Binance’s Crypto Fall on Heels of ‘Potential Exploitation’
- Early indications are that Binance’s network has been hacked for hundreds of millions of dollars
- According to chain analysis by Blockworks’ Research, the attacker, or attackers, have managed to “bridge out” to several other chains, including Avalanche and Polygon
Binance’s network, BNB Chain, has been hacked for potentially hundreds of millions of dollars in what the cryptocurrency exchange previously called a “potential exploitation” of a transverse chain bridge.
Binance said on Twitter it had paused its network – sending the price of Binance Coin (BNB) lower on the news, which was down more than 3% to $283 by 7pm ET.
“An exploit on a cross-chain bridge, BSC Token Hub, resulted in extra BNB. We have asked all validators to temporarily suspend BSC. The issue is contained now. Your money is safe. We apologize for the inconvenience and will provide further updates as per this,” Binance CEO Changpeng Zhao later confirmed via Twitter.
BSC Token Hub is the bridge between BNB Beacon Chain (BEP2) and BNB Chain (BEP20 or BSC). Binance had previously said it was temporarily halting the chain due to “irregular activity.”
Eagle-eyed Twitter users appeared to be the first to identify roughly two million BNB—more than $566 million—that had been transferred to an apparent attacker’s address that has so far managed to bridge somewhere in the neighborhood of $110 million.
In a post on Reddit around 7:15 PM ET, Binance thanked node service providers for their “quick and attentive response.”
These providers include Hash, Neptune, TW Staking, BSCScan, Legend, CertiK, Figment, NodeReal, Namelix, Defibit, Fuji, InfStones, MathWallet, Pexmons, Ankr, BNB48 Club, Avengers, Tranchess and Coinbase Cloud.
Managers of BNB Chain now asking BSC Validators to get in touch with them in the next few hours to schedule a node upgrade.
Total losses may turn out to be much less
The wallet address, confirmed by Ryan West, a Blockworks’ Research analyst, shows that the wallet has transferred approximately $53 million of BNB to ether (ETH), plus $48 million to the Fantom blockchain, as well as additional funds to Avalanche, Optimism, and Polygon protocols.
“Thanks to the community and our internal and external security partners, an estimated $7 million has already been frozen,” Binance tweeted shortly after informing users of the exploit.
The same wallet belonging to the attacker has been blacklisted from Tether, per West.
About $433 million, 80% of the total, remained on the BNB chain a few hours after the stock market’s closing bell in New York, blockchain analytics firm Halborn told Blockworks.
It will mark the industry’s second-largest hack, after the $625 million Axie Infinity Ronin Bridge exploit in March.
According to on-chain analysis, the attacker used the Stargate cross-chain bridge protocol to transmit. Binance representatives did not immediately return a request for comment.
Attend DAS:LONDON and hear how the biggest TradFi and crypto institutions see the future of crypto’s institutional adoption. Register here.