Skip to content

BNB Chain resumes operations after $100-million hack – here’s what happened

BNB Chain resumes operations after $100-million hack - here’s what happened

As the blockchain and cryptocurrency industry grows, it increasingly becomes the target of larger and bolder attacks shaking the community, with the most recent one directed at the BNB Smart Chain (BSC).

Specifically, the hackers targeted BCS’s cross-chain bridge BSC Token Hub – the bridge between BNB Beacon Chain (BEP2) and BNBChain (BEP20 or BSC) – resulting in the suspension of operations on the entire chain, as the CEO of Binance Changpeng Zhao explained on October 7.

At roughly the same time, the suspension was also announced at the BNB Chain’s own Twitter account, which stated that:

“Due to irregular activity we’re temporarily pausing BSC. We apologize for the inconvenience and will provide further updates here. Thank you for your patience and understanding.”

Scope of the attack on BSC

According to the estimates by the blockchain security and analytics company PeckShield, the losses could be estimated to around $580 million:

“The total stolen funds from BSC TokenHub Exploiter are 2M BNB (~586M loss), and here comes the ~$89.5m stolen funds that have been moved off-chains to others (~58% to Ethereum, ~33% to Fantom and ~4.5% to Arbitrum).”

In the meantime, similar information was shared by blockchain security firm SlowMist, which stated that:

However, according to the BNB Chain’s Reddit account, “initial estimates for funds taken off BSC are between $100M and $110M. However, thanks to the community and our internal and external security partners, an estimated $7 million has already been frozen.”

The blockchain’s infrastructure at the moment seems to be back in full operation, as confirmed by BNB Chain on Twitter:

How it all happened

Around the same time, samczsun, the research partner at crypto investment firm Paradigm, explained in a series of tweets how the hack was carried out. According to him, “the attacker had somehow convinced the Binance Bridge to simply send them 1,000,000 BNB. Twice.”

The dead giveaways, as samczsun said, were the suspiciously low withdrawal amounts, as well as the length of the attacker’s proof, which “was significantly shorter that the legitimate withdrawal’s proof,” which lead him to believe “that the attacker had found a way to forge a proof for that specific block.”

After explaining all the technical details of the hack, the analyst concluded that:

“In summary, there was a bug in the way that the Binance Bridge verified proofs which could have allowed attackers to forge arbitrary messages. Fortunately, the attacker here only forged two messages, but the damage could have been far worse.”

BNB social engagements soar as price plummets

Meanwhile, the hack seems to have caused a spike in Binance Coin (BNB) social engagements, which soared up to 27.26 million or 198.8% upon the news of the exploit, according to the data and chart published by the crypto social intelligence platform LunarCrush.

Binance Coin 1-day social activity. Source: LunarCrush

That said, the price of BNB currently stands at $285.20, down 3.04% on the day, as well as losing 0.56% across the previous week. The market cap of the fifth largest cryptocurrency by this indicator is $46.01 billion, according to CoinMarketCap data.

Disclaimer: The content on this site should not be considered investment advice. Investing is speculative. When investing, your capital is at risk. 

Best Crypto Exchange for Intermediate Traders and Investors

  • Invest in cryptocurrencies and 3,000+ other assets including stocks and precious metals.

  • 0% commission on stocks - buy in bulk or just a fraction from as little as $10. Other fees apply. For more information, visit etoro.com/trading/fees.

  • Copy top-performing traders in real time, automatically.

  • eToro USA is registered with FINRA for securities trading.

30+ million Users
Securities trading offered by eToro USA Securities, Inc. (“the BD”), member of FINRA and SIPC. Cryptocurrency offered by eToro USA LLC (“the MSB”) (NMLS: 1769299) and is not FDIC or SIPC insured. Investing involves risk, and content is provided for educational purposes only, does not imply a recommendation, and is not a guarantee of future performance. Finbold.com is not an affiliate and may be compensated if you access certain products or services offered by the MSB and/or the BD

Read Next:

Finance Digest

By subscribing you agree with Finbold T&C’s & Privacy Policy

Related posts

Sign Up

or

By submitting my information, I agree to the Privacy Policy and Terms of Service.

Already have an account? Sign In

Services

IMPORTANT NOTICE

Finbold is a news and information website. This Site may contain sponsored content, advertisements, and third-party materials, for which Finbold expressly disclaims any liability.

RISK WARNING: Cryptocurrencies are high-risk investments and you should not expect to be protected if something goes wrong. Don’t invest unless you’re prepared to lose all the money you invest. (Click here to learn more about cryptocurrency risks.)

By accessing this Site, you acknowledge that you understand these risks and that Finbold bears no responsibility for any losses, damages, or consequences resulting from your use of the Site or reliance on its content. Click here to learn more.