Hackers Steal $570 Million in Crypto Tokens From Binance’s BNB Chain
Hackers Steal $570 Million in Crypto Tokens From Binance’s BNB Chain.
It has certainly been a tough year for cryptocurrencies, which was compounded by the theft of more than $500 million in crypto tokens from crypto giant Binance on Thursday night.
The vulnerability severely affects Binance Bridge, a cross-chain bridge that allows tokens to be transferred between two related blockchains operated by the Binance cryptocurrency exchange and collectively known as the BNB Chain.
According to well-known smart contract analyst samczsun, the attackers forged transactions, which allowed them to withdraw 2 million BNB tokens from the bridge, worth around $570 million.
An estimated $87 million of funds were completely removed from the BNB ecosystem; however, the remaining funds could not be transferred immediately, as BNB Chain took strong measures to completely stop the blockchain, meaning no transactions could be made after this be processed.
“A vulnerability in the cross-chain bridge, the BSC Token Hub, resulted in additional BNB,” Binance CEO Changpeng Zhao said in a tweet shortly after the attack. “We have asked all validators to temporarily suspend BSC [Binance Smart Chain].”
A tweet from the BNB Chain account said that as of early Friday morning, the blockchain was starting to resume operations.
In an “ecosystem update,” the BNB Chain team apologized for the bug and said the project will hold a series of on-chain governance votes to decide whether to freeze the hacked funds and whether it should provide funds for catching the perpetrators Bounty.
“From a broader perspective, we’ve seen a flurry of attacks targeting cross-chain bridge vulnerabilities,” the blog post reads. “We will share publicly the details of the post-mortem investigation and all the lessons learned on how to implement more advanced security measures to harden these vulnerabilities.”
In recent years, cross-chain bridges have become the most common location for ultra-high-value hacks, in part because they store very large cryptocurrency tokens at any one time.
While the early days of the cryptocurrency industry were characterized by frequent attacks on exchanges, security has greatly improved, with hackers needing to break through many layers of security in order to withdraw funds.
With a cryptocurrency bridge, the ability to fake a valid transaction is enough to take nine-figure funds in some cases.