Binance says at least $100 million stolen in blockchain attack

Another day, another crypto bridge exploit

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

Criminals were able to exploit a flaw in Binance Bridge and tried to get away with at least $100 million in cryptocurrencies, the company has admitted.

Binance Bridge is a cross-chain platform that allows cryptocurrency users to exchange tokens from one chain (for example, Ethereum), to another (for example, Binance Chain). The bridges are often riddled with flaws, and as such are a major target for cybercriminals. Some of the biggest crypto heists came as a result of an exploited bridge (think Ronin bridge, Wormhole, Harmony, and others). In fact, blockchain analysis firm Chainalysis recently said that more than $2 billion were stolen in bridge hacks, this year alone.

Creating tokens out of thin air

In this particular instance, the attacker did not steal anyone’s tokens but rather discovered a flaw that allowed them to create additional tokens out of thin air. In a Reddit post published late last night, Binance representatives explained that someone abused an exploit on a cross-chain bridge, BSC Token Hub, “which resulted in extra BNB”.

“We have asked all validators to temporarily suspend BSC. The issue is contained now. Your funds are safe. We apologize for the inconvenience and will provide further updates accordingly,” the announcement reads.

Binance moved in to pause the entire chain until the issue was resolved, while Tether blacklisted the account.

Hackers steal $100m from another breached crypto bridge>The maker of Axie Infinity just suffered one of the largest heists in crypto history>These are the best firewalls around

However the jury is still out on exactly how much money was taken, and where it ended up. While Binance’s Reddit post claims anywhere between $100M and $110M, a DeFi developer going under the pseudonym “foobar” claims the figure is closer to 2 million BNB - or $600 million.

“Thanks to the community and our internal and external security partners, an estimated $7M has already been frozen,” the Reddit post concludes. While Binance’s speed at tackling the issue is commendable, it raised the question of the chain’s decentralization among many cryptocurrency users.

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

Via:BleepingComputer

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

A new form of macOS malware is being used by devious North Korean hackers

Scammers are using fake copyright infringement claims to hack businesses

Belkin’s Travel Bag for Vision Pro has pockets and is way cheaper than Apple’s own case