BNB Chain halts upon $100M cross-chain bridge exploit 

BNB Chain has faced a significant exploit, with all deposits and withdrawals suspended on the network

Binance BNB Chain

Source: binance.com

The blockchain of crypto exchange Binance was halted on Oct. 6 due to an exploit on its cross-chain bridge. It is estimated that attackers have stolen about $100 million worth of cryptocurrency. 

At first, BNB Chain announced the temporary pause due to “irregular activity” on the blockchain. In an update, the blockchain was declared “under maintenance,” suspending all deposits and withdrawals. Finally, the company’s management confirmed they have suspended BSC due to the exploit.  

Earlier, the third-party on-chain analytics on Twitter suggested alleged hackers exploited about two million BNB ($600 million).

In their theory, the attacker claimed a one million BNB reward through the token hub and deposited the balance into the DeFi lending platform Venus Protocol. Then malefactors borrowed $150 million worth of stablecoins spread across USD Coin, tether and BUSD to swap the tokens for Ether, Phantom Protocol (PHM) tokens and Polygon (MATIC). Another one million BNB was placed into Stargate Protocol, another cross-chain bridge provider.

A later update by a BNB Chain developer on Reddit stated that the initial estimates for the exploit are between $100 – $110 million, with roughly $7 million frozen.

BNB Chain said the exploit, perpetrated on the cross-chain bridge BSC Token Hub, resulted in the creation of “extra BNB.” However, they reassured the public that its systems are contained and user funds are safe, while the company continues to investigate the vulnerability.

Zane Huffman, strategy lead of DeFi platform Vesper Finance, concluded the attacker managed to get off with roughly $100 million from an initial exploit of nearly $600 million.

Huffman added the attacker has roughly $400 million worth of digital assets frozen on the BNB Chain, with more possibly stuck in cross-chain bridges on the BNB blockchain side.

Stablecoin provider Tether has blacklisted the address associated with the exploit.

SEE ALSO:

SEC tracks on Binance’s proprietary coin- the BNB

Binance partners Ukrainian supermarket chain to enable crypto payments

Binance introduced a Refugee Crypto Card for Ukrainians fleeing war