How Global Blockchain Teams Stopped Over $470 Million in BNB Being Hacked

On October 6, BNB Chain suddenly stopped after experiencing massive exploitation. By attacking one of the main bridges of the blockchain system, hackers were able to exploit flawed code to create tokens at a rapid rate.

In just a few hours, they had created nearly $600 million in value, which they quickly began liquidating from the platform. Nevertheless, due to the quick reaction of the validation teams, the chain was able to prevent the large bulk of the capital from leaving the ecosystem.

In this article, we will turn to these BNB Chain validators, and demonstrate exactly how their quick action and international response managed to save the platform, its customers and investors for millions of USD.

Let’s get right into it.

What happened?

The BNB chain, which is a blockchain aligned with one of the world’s leading crypto exchange platforms, Binance, experienced an exploit. Hackers targeted the BSC Token Hub, a central bridge within the infrastructure of the chain.

Finding an exploit in the bridge, hackers minted more BNB tokens at an alarming rate. These hackers were effectively able to create new cryptocurrency directly for themselves, quickly remove the capital they had created into their own accounts and liquidate it.

Within 90 minutes, the hackers had created almost 2,000,000 new BNB coins. Before the hack was noticed, this figure was worth around $570 million. The team of hackers began to liquidate this huge figure, taking it off the chain as quickly as possible.

Fortunately, validators noticed the strange activity and rapid mining of new BNB and got down to business. By notifying the right people and freezing the chain, they stopped the hackers from withdrawing the total amount.

Instead of the full $570 million, those exploiting the exploit were only able to steal around $100 million in BNB. While this was still a major impact, causing the BNB token to drop in value since the attack, this was only a small percentage of the full damage that could have been done.

Do we know who exploited the exploit?

As of October 24th, Binance has released information to the public claiming that they are getting close to narrowing down who did the hack. With the help of law enforcement, they have a better idea of ​​who might have committed the exploit.

That said, they’re still not sure, with the $100 million that was stolen seemingly completely gone. While the BNB chain works to fortify its bridges, Binance has devoted itself to finding the perpetrators of the crime.

How validators saved the day

It is undeniable that the quick reaction of BNB chain validators was the salvation in this scenario. If they hadn’t noticed the strange happenings from the bridge so quickly, the hackers would have had significantly more time to liquidate even more funds.

Considering they were able to move $100 million from the system in just 90 minutes, the difference between finding out 30 minutes later could have been catastrophic for the ecosystem. The BNB chain has 26 unique validators, spanning the entire globe. Due to their vigilance, the system was able to react quickly and neutralize the threat as quickly as possible.

But the support that validators provided didn’t just stop there. After the incident, the BNB outage became a money-sucking drain on the entire system. All validators had stopped services when the blockchain stopped, meaning they needed time to get back up and running when the blockchain was ready to start again.

Without validators, DeFi applications cannot run properly, causing the vast majority of tertiary blockchain applications on the system to fail. This creates a snowball effect, causing even more problems down the line.

One of BNB Chain’s validators, Ankr, provided the solution where. Ankr’s RPC services were extremely quick to respond after the BNB breach. Unlike other validators, who hesitated to bring their services back online, Ankr’s RPC services immediately resumed the moment BNB Chain relaunched.

During the outage, Ankr’s RPC server remained directly connected to the blockchain, ensuring that all data was consistent the moment the ecosystem came back online. Ankr was able to do this partly because of the international team they employ. Instead of being focused on one specific region, Ankr spreads its DevOps teams around the world.

With this approach, they are able to cover a 24-hour window, with time zones that allow a team of engineers to be constantly active, online and ready for response. Their international location of teams reflects the central ideals of blockchain – with the proliferation of decentralized teams reflecting the location of international nodes.

Instead of knocking on one specific country or focusing efforts in one region, Ankr’s international approach to DevOps allowed them to alert the system, come back online immediately and allow BNB Chain’s DApps to continue working.

Ankr was one of the fastest to respond to the incident, developing, testing and releasing security patches in less than 30 minutes. Their response demonstrates the commitment that validators have to their ecosystems, with Ankr exemplifying a near-perfect crisis response.

Final thoughts

As decentralized systems, blockchain networks rely on the validators they have available to them. As these systems continue to grow in popularity, in addition to accumulating more total funds, they will become even more of a target for exploitation. While decentralization is a strength of the system, it also leads to a number of potential security issues when information is not shared.

By working with validators, blockchain networks are able to bring additional levels of security, monitoring and due diligence to their systems. Ankr is a fantastic example of how enriching it can be to work with validators.

From speeding up the daily transaction rates of ecosystems to providing a level of support, these are critical to the blockchain’s success. If this incident has taught us anything, it’s that blockchain systems need to create international teams to help them respond to incidents. A critical incident can occur at any time – we must be ready when they do.

You may also like...

Leave a Reply

Your email address will not be published. Required fields are marked *