{"id":7699,"date":"2022-10-07T23:27:49","date_gmt":"2022-10-07T23:27:49","guid":{"rendered":"http:\/\/cryptoheretostay.com\/?p=7699"},"modified":"2022-10-07T23:27:49","modified_gmt":"2022-10-07T23:27:49","slug":"bnb-chains-566m-hack-binance-networks-major-bridge-attack-unpacked","status":"publish","type":"post","link":"https:\/\/cryptoheretostay.com\/?p=7699","title":{"rendered":"BNB Chain\u2019s $566M Hack: Binance Network\u2019s Major Bridge Attack Unpacked"},"content":{"rendered":"<p> <script type=\"text\/javascript\">\r\namzn_assoc_placement = \"adunit0\";\r\namzn_assoc_tracking_id = \"totafreearti-20\";\r\namzn_assoc_ad_mode = \"search\";\r\namzn_assoc_ad_type = \"smart\";\r\namzn_assoc_marketplace = \"amazon\";\r\namzn_assoc_region = \"US\";\r\namzn_assoc_default_search_phrase = \"crypto\";\r\namzn_assoc_default_category = \"All\";\r\namzn_assoc_search_bar = \"false\";\r\namzn_assoc_title = \"\";\r\namzn_assoc_rows =\"1\";\r\n<\/script>\r\n<script src=\"\/\/z-na.amazon-adsystem.com\/widgets\/onejs?MarketPlace=US\"><\/script><br \/>\n<\/p>\n<h3>Key Takeaways<\/h3>\n<p>BNB Chain suffered a $566 million exploit Thursday after a hacker tricked the BSC Token Hub bridge into sending them two million BNB.<br \/>\nThe hacker took a novel approach to siphon the funds across other networks, making off with about $110 million.<br \/>\nThe BNB Chain halted the network and is weighing an asset freeze, highlighting major centralization issues. <\/p>\n<p>Share this article<\/p>\n<p>The BNB Chain team temporarily halted the network in response to the attack, which speaks volumes about the network\u2019s centralization issues.\u00a0\u00a0<\/p>\n<h2>BNB Chain Targeted<\/h2>\n<p>Last night\u2019s nine-figure hack on BNB Chain\u2019s bridge has caused a major commotion in the cryptocurrency community.\u00a0<\/p>\n<p>An attacker targeted the Binance-run blockchain network late Thursday, successfully making off with around $110 million worth of crypto. But while $110 million is by all accounts a pretty tidy paycheck for a few hours of work, it\u2019s just a fraction of the overall size of the exploit. On-chain data shows that the attacker commenced the elaborate hack by tricking BNB Chain\u2019s BSC Token Hub bridge into sending them two million BNB tokens worth about $566 million. According to Paradigm researcher samczsun, the attacker used a complex multi-step process to exploit a bug in the bridge, effectively forging the bridge\u2019s code so that they could make two separate one million BNB withdrawals. The bridge sent the funds and continued to run as normal until multiple community members raised suspicions over the size of the withdrawals. The BNB Chain responded by halting the blockchain.\u00a0<\/p>\n<h2>Bridge Flaws Exposed\u00a0<\/h2>\n<p>The incident caught the crypto space\u2019s attention partly due to the scale of the exploit. Though the hacker\u2019s takings are currently around $110 million, the two million BNB theft places the incident on a par with other major attacks like the $552 million hack on Axie Infinity\u2019s Ronin bridge in March. Once again, the BNB Chain exploit has sounded the alarm on the security risks of cross-chain bridges. As crypto has evolved and various Layer 1 networks have emerged alongside Ethereum (BNB Chain itself is essentially an Ethereum clone), demand for cross-chain interoperability has soared. That\u2019s created an opportunity for bridges like BNB Chain\u2019s product to cater to the market\u2019s needs. Per Defi Llama data, the total value locked in crypto bridges is over $10 billion today, helped by BNB Chain and other networks soaring in popularity in 2021.\u00a0<\/p>\n<p>While bridges are useful for connecting blockchains, they\u2019re widely considered less secure than base layer networks like Bitcoin and Ethereum because they often use a central storage point to lock deposited assets. That\u2019s led to a surge in hacks; an August Chainalysis report found that bridge hacks account for 69% of all crypto theft, with the takings topping $2 billion to date.\u00a0<\/p>\n<p>While bridge hackers usually have different methods for stealing funds, they\u2019re typically able to execute their attacks by exploiting shoddy code. The BNB Chain hack was no different; the attacker found a way to forge a proof so that they could make two fraudulent withdrawals. They quickly funneled the funds to different locations, meaning that a significant portion of the stolen funds was already on the move when the BNB Chain team decided to halt the network.\u00a0<\/p>\n<h2>Tracking the Attacker\u2019s Moves\u00a0<\/h2>\n<p>Perhaps the most curious element of the hack has been the attacker\u2019s activity following the exploit itself. Given the size of the haul, the hacker faced limitations in their options for laundering the funds\u2014simply because bigger pots like this tend to draw more attention from crypto, on-chain investigators, and authorities alike. On-chain data shows that the hacker transferred their funds to multiple locations, but they took a novel approach that differs from most other similar thefts.\u00a0<\/p>\n<p>As the Treasury Department noted when it banned Tornado Cash in August, hackers frequently turn to crypto mixers to siphon stolen funds. While the hacker could have pulled a similar move to cover their traces, they instead opted to deposit just under half of the takings into Venus Protocol, a lending product on BNB Chain. That may be because they would have struggled to exchange all of their BNB tokens without impacting the price; Tornado Cash takes deposits in ETH, DAI, cDAI, USDC, and USDT, meaning they would have had to trade their assets and move over to Ethereum to use it.\u00a0<\/p>\n<p>By providing BNB as collateral on Venus, the hacker was able to borrow around $150 million in stablecoins. This is an interesting play because they borrowed USDT, USDC, and BUSD\u2014centralized stablecoins that can be frozen by their issuers. Tether blacklisted at least $6.5 million of the haul, blocking the hacker from cashing out the USDT they borrowed. The hacker used several strategies to deploy their funds on other networks, converting much of the haul into ETH.\u00a0<\/p>\n<p>Blockchain security firm SlowMist estimates that the hacker moved around $110 million from BNB Chain to six other Ethereum-compatible networks: Ethereum, Polygon, Fantom, Avalanche, Arbitrum, and Optimism. However, the bulk of the transferred funds have not yet been laundered, and the hacker has left most of the takings on BNB Chain. For such a sophisticated attack, they\u2019ve left a huge sum of money on the table given that the stolen BNB could be frozen.\u00a0<\/p>\n<p>BNB took a hit following the incident and is down about 3.5% today. Besides BNB, the hacker\u2019s largest position is ETH\u2014they currently have over $32.5 million sitting in this wallet.\u00a0<\/p>\n<h2>BNB Chain Responds\u00a0<\/h2>\n<p>The BNB Chain team responded to the incident as talk of the attack circulated on Crypto Twitter. The blockchain\u2019s official Twitter account confirmed at 22:19 UTC that it had paused the network, noting that it had identified a \u201cpotential exploit.\u201d Some applauded the team for the response, with Binance CEO Changpeng \u201cCZ\u201d Zhao saying that he was \u201cimpressed by the quick actions the [team] took.\u201d However, the decision to halt the chain also prompted many to call out the blockchain\u2019s centralized design. \u201cYou\u2019re supposed to be immutable fren,\u201d tweeted the Bitcoin DeFi project Stacks. Others posted memes of CZ to imply that he had full oversight of the network\u2019s validators.\u00a0<\/p>\n<p>Immutability is considered a key feature of blockchain and cryptocurrency technology, but controlled network halts expose centralization issues that throw that idea to sea. When a blockchain can be paused, it\u2019s not immutable. The largest blockchain, Bitcoin, has never been halted since it launched in 2009. Bitcoin has over 10,000 full validator nodes worldwide, while Ethereum has just over 8,000. Like BNB Chain, Ethereum operates a Proof-of-Stake mechanism with over 400,000 validators securing the network. BNB Chain, meanwhile, relies on just 44 (of those 44, 26 are currently active). In a statement, the BNB Chain team said that \u201cdecentralized chains are not designed to be stopped,\u201d adding that contacting the network\u2019s 26 active validators prevented further damage.\u00a0<\/p>\n<p>BNB Chain successfully restarted the network after syncing validators early Friday, and the network is now running as normal with the hacker\u2019s wallet blacklisted. Questions remain over what will happen to the BNB and centralized stablecoins on BNB Chain, currently valued at over $426 million (the hacker still has $254 million worth of BNB collateralized against $147 million worth of stablecoins on Venus). Due to the scale of the attack, it\u2019s likely that authorities will soon be involved, too.\u00a0<\/p>\n<p>BNB Chain\u2019s statement said that it would be down to the community to decide whether to freeze the hacked funds \u201cfor the common good of BNB,\u201d and it\u2019s also offering a bounty reward of 10% of the recovered funds for uncovering the hacker. The BNB Chain took responsibility for the incident in its note. \u201cWe want to apologize to the community for the exploit that occurred. We own this,\u201d the note read.\u00a0<\/p>\n<p><em>Disclosure: At the time of writing, the author of this piece owned ETH, USDT, MATIC, and several other cryptocurrencies.\u00a0<\/em><\/p>\n<p>Share this article<\/p>\n<p>The information on or accessed through this website is obtained from independent sources we believe to be accurate and reliable, but Decentral Media, Inc. makes no representation or warranty as to the timeliness, completeness, or accuracy of any information on or accessed through this website. Decentral Media, Inc. is not an investment advisor. We do not give personalized investment advice or other financial advice. The information on this website is subject to change without notice. Some or all of the information on this website may become outdated, or it may be or become incomplete or inaccurate. We may, but are not obligated to, update any outdated, incomplete, or inaccurate information.<\/p>\n<p>You should never make an investment decision on an ICO, IEO, or other investment based on the information on this website, and you should never interpret or otherwise rely on any of the information on this website as investment advice. We strongly recommend that you consult a licensed investment advisor or other qualified financial professional if you are seeking investment advice on an ICO, IEO, or other investment. We do not accept compensation in any form for analyzing or reporting on any ICO, IEO, cryptocurrency, currency, tokenized sales, securities, or commodities.<\/p>\n<p>See full terms and conditions.<\/p>\n<p><script type=\"text\/javascript\">\r\namzn_assoc_placement = \"adunit0\";\r\namzn_assoc_tracking_id = \"totafreearti-20\";\r\namzn_assoc_ad_mode = \"search\";\r\namzn_assoc_ad_type = \"smart\";\r\namzn_assoc_marketplace = \"amazon\";\r\namzn_assoc_region = \"US\";\r\namzn_assoc_default_search_phrase = \"bitcoin\";\r\namzn_assoc_default_category = \"All\";\r\namzn_assoc_search_bar = \"false\";\r\namzn_assoc_title = \"\";\r\namzn_assoc_rows =\"1\";\r\n<\/script>\r\n<script src=\"\/\/z-na.amazon-adsystem.com\/widgets\/onejs?MarketPlace=US\"><\/script><br \/>\n<br \/><a href=\"https:\/\/cryptobriefing.com\/bnb-chain-566m-hack-binance-networks-major-bridge-attack-unpacked\/?utm_source=category_feed&#038;utm_medium=rss\" target=\"_blank\" rel=\"noopener\">Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Key Takeaways BNB Chain suffered a $566 million exploit Thursday after a hacker tricked the BSC Token Hub bridge into sending them two million BNB. The hacker took a novel approach to siphon the funds across other networks, making off with about $110 million. The BNB Chain halted the network and is weighing an asset [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":7426,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":"","_wp_rev_ctl_limit":""},"categories":[4],"tags":[],"class_list":["post-7699","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-market-news"],"_links":{"self":[{"href":"https:\/\/cryptoheretostay.com\/index.php?rest_route=\/wp\/v2\/posts\/7699","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/cryptoheretostay.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cryptoheretostay.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/cryptoheretostay.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/cryptoheretostay.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=7699"}],"version-history":[{"count":1,"href":"https:\/\/cryptoheretostay.com\/index.php?rest_route=\/wp\/v2\/posts\/7699\/revisions"}],"predecessor-version":[{"id":7700,"href":"https:\/\/cryptoheretostay.com\/index.php?rest_route=\/wp\/v2\/posts\/7699\/revisions\/7700"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cryptoheretostay.com\/index.php?rest_route=\/wp\/v2\/media\/7426"}],"wp:attachment":[{"href":"https:\/\/cryptoheretostay.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=7699"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cryptoheretostay.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=7699"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cryptoheretostay.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=7699"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}