CZ Binance Confirms BSC Cross-Chain Bridge Exploit
An attacker stole 2 million BNB, nearly $600M from the Binance crosschain bridge, Binance Token Hub.
An exploit on a cross-chain bridge, BSC Token Hub, resulted in extra BNB. We have asked all validators to temporarily suspend BSC. The issue is contained now. Your funds are safe. We apologize for the inconvenience and will provide further updates accordingly.
— CZ 🔶 Binance (@cz_binance) October 6, 2022
Binance smart chain, the blockchain of the world's largest cryptocurrency exchange was suspended on Oct. 6 due to an "irregular activity" on the network that resulted in the loss of 2 million BNB, nearly $600M, according to on-chain data provided by sources on the popular social media platform Twitter.
Blockchain security firm, Slowmist, reported that the initial funding for the BNB bridge—Binance Token hub— exploit came through ChangeNOW, a non-custodial instant cryptocurrency exchange.
Hey @BNBCHAIN, the address that shows up as unknown actually belongs to @ChangeNOW_io pic.twitter.com/cksUnLRRSb
— MistTrack🕵️ (@MistTrack_io) October 7, 2022
The exploiter stole a total of 2 million BNBs in two transactions, deposited nearly $260M in Venus protocol, a decentralized protocol for lending on BSC, before spreading the funds across multiple Dapps, to launder the funds on more censorship-resistant Blockchains.
Using our AML platform @MistTrack_io, we discovered the hacker used the following to launder funds:
— SlowMist (@SlowMist_Team) October 7, 2022
ChangeNOW(BSC/AVAX C-CHAIN/FTM)
MultichainOrg (Multichain)
VenusProtocol
Alpaca Finance
Stargate
Curve
Uniswap V3
Trader Joe
Blizz
PancakeSwap
Platypus
Geist
SushiSwap
With transactions on BSC temporally halted, the exploiter has over $400M stuck on the network. Binance CEO reported the current impact estimate to be around $100M; the exploiter succeeded in taken off the funds from BNB chain, through EVM compatible-chains and L2s before the halt.
Samczsun, a researcher at Paradigm made a 21-part thread on Twitter, aimed at unravelling how the exploiter was able to "convince" the BNB cross-chain bridge to make a transfer of 1M BNB to them. Twice.
Five hours ago, an attacker stole 2 million BNB (~$566M USD) from the Binance Bridge. During that time, I've been working closely with multiple parties to triage and resolve this issue. Here's how it all went down. pic.twitter.com/E0885Dc3lW
— samczsun (@samczsun) October 6, 2022
He concluded that the fons et origo of the unprecedented exploit is most likely due to a critical bug in the BNB chain bridge, stating that the damage could have been worse.
Meanwhile, Tether has blacklisted the exploiter's $4.7M USDT address.
It is still unclear at this time how the exploit was undertaken, however, Â the CEO of Binance Chanpeng Zhao says the issue is contained, and user funds are safe.
