Hackers have exploited a cross-chain bridge to divert more than $560 million worth of cryptocurrency from Binance Bridge.
Operating on the Binance Coins (BNB) Smart Chain, Binance Bridge is a blockchain bridge designed to help with the transfer of information and assets between blockchains.
On Thursday, Binance CEO Changpeng Zhao announced on Twitter that hackers exploited a vulnerability in the BSC (BNB Chain) Token Hub cross-chain bridge (blockchain bridge).
“An exploit on a cross-chain bridge, BSC Token Hub, resulted in extra BNB. We have asked all validators to temporarily suspend BSC. The issue is contained now. Your funds are safe. We apologize for the inconvenience and will provide further updates accordingly,” he said.
According to Zhao, the overall impact of the hack is of around $100 million worth of BNB. However, the attackers’ wallet reportedly received two transactions of 1,000,000 BNB each, worth a total of more than $560 million.
Soon after, the hackers started transferring funds to other cryptocurrency wallets, including over $50 million to Etherium and roughly the same amount to Fantom.
In addition to acknowledging the hack, Binance announced that it worked with validators to temporarily suspend BSC, to freeze transfers. The cryptocurrency trading platform says that it has already recovered some of the stolen funds.
“We have asked all validators to temporarily suspend BSC. The issue is contained now. Your funds are safe. We apologize for the inconvenience and will provide further updates accordingly,” Binance said in a Reddit post.
“Initial estimates for funds taken off BSC are between $100M – $110M. However, thanks to the community and our internal and external security partners, an estimated $7M has already been frozen,” the platform said.
Binance has launched an investigation into the incident, but has not provided details on how the hack has happened. A fix has been rolled out to address the exploit in BSC.
Threat actors have increasingly targeted blockchain bridges. Victims include Nomad, ($200 million losses), Horizon ($100 million), Ronin Validator ($600 million), and Wormhole ($300 million).
Related: Over $300 Million in Cryptocurrency Stolen in Wormhole Hack
Related: Hackers Steal Over $600M in Major Crypto Heist
Related: Nearly $200 Million Stolen From Cryptocurrency Bridge Nomad
More from Ionut Arghire
- CISA, NSA Issue Guidance for IAM Administrators
- Cisco Patches High-Severity Vulnerabilities in IOS Software
- ‘Nexus’ Android Trojan Targets 450 Financial Applications
- ‘Badsecrets’ Open Source Tool Detects Secrets in Many Web Frameworks
- Chrome 111 Update Patches High-Severity Vulnerabilities
- BreachForums Shut Down Over Law Enforcement Takeover Concerns
- Ransomware Will Likely Target OT Systems in EU Transport Sector: ENISA
- Ransomware Gang Publishes Data Allegedly Stolen From Maritime Firm Royal Dirkzwager
Latest News
- CISA, NSA Issue Guidance for IAM Administrators
- Analysis: SEC Cybersecurity Proposals and Biden’s National Cybersecurity Strategy
- Intel Boasts Attack Surface Reduction With New 13th Gen Core vPro Platform
- Cisco Patches High-Severity Vulnerabilities in IOS Software
- ‘Nexus’ Android Trojan Targets 450 Financial Applications
- Tackling the Challenge of Actionable Intelligence Through Context
- Dole Says Employee Information Compromised in Ransomware Attack
- Backslash Snags $8M Seed Financing for AppSec Tech
