BNB Chain Team Restores Network After $100M Hack
The BNB Chain team has suspended the network amid the BSC Token Hub bridge hack. The hackers stole over $544 million worth of digital assets, but managed to withdraw only $100 million.
BSC Token Hub is the internal cross-chain bridge of the BNB Chain ecosystem. It enables the transfer of tokens between the BNB Beacon Chain governance blockchain and the BNB Smart Chain (BSC) consensus layer.
According to Binance CEO Changpeng Zhao, the attackers took advantage of an exploit that “led to the emergence of additional BNB.” The project team asked the validators to suspend the BSC.
The BNB Chain team has posted a code update. Activation of the hard fork by validators will result in:
Zhao stressed that “the problem is contained” and user funds “are safe.” According to BscScan, at the time of writing, the network does not produce blocks.
According to DeBank, the cybercriminals’ address holds digital assets worth over $544 million — 80% of the funds (~$433 million) are in the BNB Chain network and cannot be withdrawn.
Paradigm researcher samczsun explained that a critical vulnerability in the BSC Token Hub allowed hackers to carry out a double-spend attack.
According to SlowMist, an analytics company, the attackers financed the attack from addresses belonging to the ChangeNOW cryptocurrency exchange service. After executing the exploit, they contributed 900,000 BNB to the Venus Protocol landing page to open $147 million in overcollateralized positions.
The Venus Protocol team emphasized that user funds are safe. The developers explained that the hackers would either pay off the loan and liquidity would return to previous levels, or disappear with the borrowed stablecoins and positions would be “slowly liquidated.”
Recall that in September 2022, the market maker Wintermute lost $160 million in assets as a result of a hacker attack.
Our team already assumed technically that there would be a fall in the market. It happened a week before our signal in telegram channel.