There is another hacking incident in the cryptocurrency market, and this time the victim is Binance Smart Chain (BSC).
Binance founder and CEO Changpeng Zhao (CZ) and BNB Chain officials announced this morning (7) that additional Binance Coins (BNB) will be generated due to the intrusion of the cross-chain bridge BSC Token Hub, so BSC will be shut down. For some time, it has repeatedly emphasized that “user funds are safe”, but preliminary estimates are that the total amount of funds lost from BSC is between $100 million and $110 million, of which about $7 million has been frozen.
An exploit on a cross-chain bridge, BSC Token Hub, resulted in extra BNB. We have asked all validators to temporarily suspend BSC. The issue is contained now. Your funds are safe. We apologize for the inconvenience and will provide further updates accordingly.
— CZ 🔶 Binance (@cz_binance) October 6, 2022
According to Paradigm researcher Samczsun, the on-chain data and related codes show that there are loopholes in the verification method of the BSC cross-chain bridge, allowing attackers to forge arbitrary messages. In this attack, the hacker successfully passed the BSC cross-chain bridge through forged messages. , so that the cross-chain bridge sent 2 million BNB to the attacker’s address.
However, whether the official successfully intercepted the 2 million BNB has not yet been known. The cryptocurrency research team MICA Research commented:
The advantage of a centralized blockchain is that it can immediately freeze assets or suspend blockchain operations in the event of a hacker attack, minimizing losses. Officials also pointed out that $7 million was successfully left in Binance Chain.
The blockchain security company Paidun also issued a statement saying that BNB Chain hackers have transferred about $89.5 million in attack proceeds to other blockchains, of which about 58% were transferred to Ethereum, about 33% were transferred to Fantom, and about 50% were transferred to Fantom. 4.5% is transferred to Arbitrum.