Binance, one of the largest cryptocurrency exchanges, announced it halted its BNB Chain, composed of BNB Beacon Chain and BNB Smart Chain (BSC), following a hack targeting its bridge. The hackers allegedly withdrew almost $580 million worth of BNB from the bridge.
2 million BNB taken off Binance bridge following a hack on BNB Chain
In an early post today, BNB Chain announced on Twitter that the actual loss was estimated at $70 - $80 million and that around $7 million of funds were frozen.
Binance confirmed this morning (October 7, 2022) the exploit of the BNB Chain affecting the BSC Token Hub, a cross-chain bridge between the BNB Beacon Chain and BSC.
Changpeng Zhao (CZ), Binance's CEO, also posted on Twitter early Friday: "An exploit on a cross-chain bridge, BSC Token Hub, resulted in extra BNB. We have asked all validators to temporarily suspend BSC. The issue is contained now. Your funds are safe. We apologize for the inconvenience and will provide further updates accordingly."
Binance equally announced that the system was fully back under control and that the team is currently investigating the vulnerability, but confirms that “all money is safe”. The BNB Chain team also released an article earlier with updates concerning the exploit. It states that "the vast majority of the funds remain under control".
According to the well-known DeFi developer 'foobar', hackers actually managed to withdraw 2 million BNB, more than $600 million in total, from the bridge. Major crypto providers, including Tether, the issuer of USDT, have also blacklisted the address involved in the exploit.
Following the funds related to exploit
Scorechain has promptly red-flagged the address used in the exploit in its database. Users can therefore identify any kind of exposure related to the exploit.
The exploiters withdrew the 2 million BNB tokens in two transactions of 1 million BNB each (around $293 million). The total amount accounts for over $580 million.
According to the team's preliminary analysis, the hackers have started swapping some of the funds, even if the vast majority remain at the address. For instance, they have swapped BNB and BUSD on PancakeSwap:
- 79,905.313 BNB and 9,999,999.562 BUSD swapped for
- 26,133,537.493 USDT and 4,000,000.055 USDC.
The Scorechain team will keep on monitoring the funds. More updates to come.
Would you like to see how Scorechain's blockchain analytics tools can help you avoid exposure to hacked funds and related money laundering risks? Request a free demo now.
Scorechain is a Risk-AML software provider for cryptocurrencies and digital assets. As a leader in crypto compliance, the Luxembourgish company has helped over 200 customers in 40 countries since 2015, ranging from cryptocurrency businesses to financial institutions with crypto trading, custody branch, digital assets, customers onboarding, audit and law firms, and some LEAs.
Scorechain solution supports Bitcoin analytics with Lightning Network detection, Ethereum analytics with all ERC20 tokens and stablecoins, Litecoin, Bitcoin Cash, Dash, XRP Ledger, Tezos, Tron with TRC10/TRC20 tokens, and BSC with BEP20 tokens. The software can de-anonymize the Blockchain data and connect with sanction lists to provide risk scoring on digital assets, transactions, addresses, and entities.