More than $560M Exploited From Binance Bridge

More than $560M Exploited From Binance Bridge

Two million $BNB was stolen from Binance Smart Chain Thursday night due to an exploit on the chain’s Token Hub bridge, according to a Friday morning statement from the Binance (BNB) Chain Team. 

The statement confirmed earlier reports from 0xfoobar surrounding the amount the exploiter moved and how they were able to manipulate the bridge by forging proofs to submit two fraudulent transactions of one million BNB each (about $560 million in total).

The price of BNB fell sharply during the exploit, from $293 to $280 in a two-hour period Thursday night. The large transactions were spotted by several Twitter users, some who speculated a BNB whale was making moves to short BNB and long ETH, and using low slippage to swap to stablecoins and bridge to other chains such as Fantom, Arbitrum, Optimism, Avalanche and Polygon.

It wasn't until the attacker’s wallet address was blacklisted on Tether, that BNB Chain was shut down. The team contacted the 26 validators of the network to temporarily pause transactions after the exploit was discovered.

As of Friday morning, the attacker’s address held the following assets (in dollar value), according to Debank:

  • $426 million on BNB Chain
  • $52 million on Ethereum
  • $48 million on Fantom
  • $3.9 million on Arbitrum
  • $3.3 million on Avalanche
  • $1.1 million on Optimism
  • $399,000 on Polygon

BNB has a $45.6 billion market cap, which makes it the fifth-largest coin in the crypto market.

The network resumed transactions early Friday morning with a new update for those running validator nodes that blacklisted the attacker’s wallet addresses, locking up the $426 million in stolen assets on the chain.

Initial reports from Binance CEO Changpeng Zhao put the impact of the loss to about $100 million. 

Zhao, a frequent champion of decentralization, was criticized for the network being paused.

Binance responded to this criticism in the statement Friday.

“Decentralized chains are not designed to be stopped, but by contacting community validators one by one, we were able to stop the incident from spreading," the statement said.

There were also unconfirmed reports of the BNB Chain attacker launching a few coins (BNBHACKERINU and HACKERSHIBA) and rugging them.

Disclaimer: The author or members of the Lucky Trader staff may own NFTs discussed in this post. Furthermore, the information contained on this website or the Lucky Trader mobile application is not intended as, and shall not be understood or construed as financial advice. AI may have assisted in the creation of this content.