After discovering a $100M cross-chain bridge attack, BNB Chain suspends its network.

The BNB Chain team acknowledged reports of a severe exploit, and the network has therefore halted all deposits and withdrawals.

Due to a weakness in its cross-chain bridge, Binance’s BNB Chain ($284) blockchain was halted on October 6 with attackers stealing an estimated $100 million worth of cryptocurrency.

The momentary delay was initially reported by the BNB Chain’s official Twitter account as being caused by “irregular activity” on the blockchain, but it was quickly clarified to be due to a potential vulnerability. The blockchain was “under maintenance,” stopping all deposits and withdrawals, according to a statement from Binance.

On-chain analytics revealed that claimed attackers allegedly used two million BNB, the chain’s native coin, with a market value of around $600 million, according to earlier Twitter rumors.

A BNB Chain developer later acknowledged the existence of the hack on Reddit and stated that the value of the attack is initially estimated to be between $100 million and $110 million, with about $7 million frozen.

While reassuring the public that its systems are controlled and customer assets are secure while it investigates the vulnerability, BNB Chain said that the hack, which was used on the BSC Token Hub, created “additional BNB.”

Before the formal disclosures, Twitter users conducted an initial on-chain analysis that revealed the attacker used the token hub to collect a reward of one million BNB before putting the remaining funds into the decentralized finance (DeFi) lending platform Venus Protocol.

They utilized cross-chain bridges to trade the stablecoins for Ether ($1,354), Phantom Protocol (PHM) tokens, Polygon ($0.8418), and $150 million worth of stablecoins divided between USD Coin ($1.00), Tether ($1.00), and Binance USD (BUSD), before the BNB Chain was suspended.

Another cross-chain bridge supplier, Stargate Protocol, was used by the attacker to exploit another million BNB.

Following Zhao’s later disclosure of a number of approximately $600 million, Zane Huffman, strategy lead for DeFi platform Vesper Finance, came to the conclusion that the attacker stole about $100 million from the initial $600 million target.

According to Huffman, the attacker has digital assets worth around $400 million locked on the BNB Chain, with more assets perhaps trapped in cross-chain bridges on the BNB blockchain side.

Tether, a stablecoin provider, has also blocked the address linked to the hack.

Leave a Reply