What happened in the $100 Million Binance Bridge hack?

An exploit on a cross-chain bridge that stole about $100 million in digital assets was discovered by BNB Chain, a blockchain connected to the Binance cryptocurrency exchange. This was reported by hackers news.com

BSC Token Hub, a native cross-chain bridge connecting BNB Beacon Chain (BEP2) and BNB Smart Chain (BEP20 or BSC), was impacted by an exploit, it was reported last week. The low level proof was expertly forged into a single common library to create the exploit.

The exploit on the cross-chain bridge “resulted in excess BNB,” according to Changpeng Zhao, CEO of Binance, which led to a temporary suspension of the Binance Smart Chain (BSC) was stated by hackersnews.com.

Binance stated earlier this February that BNB, which stands for “Build and Build” (formerly known as Binance Coin), is the blockchain gas currency that “fuels” transactions on BNB Chain.

Since the BSC Token Hub bridge’s weakness allowed the unidentified threat actor attacker to illegally generate fresh BNB tokens, no user funds are believed to have been affected.

According to blockchain security firm SlowMist, the attack entailed the withdrawal of two million BNB in two transactions, but the chain’s suspension stopped the theft of approximately $430 million in cryptocurrency.

It follows the attacks on the Axie Infinity, Harmony Horizon, and Nomad bridges as the most significant instances to target cross-chain bridges this year, which enable the movement of assets between blockchains.

In August, the blockchain analytics company Chainalysis reported that 13 cross-chain bridge attacks had resulted in the theft of $2 billion in cryptocurrencies, or 69% of the total assets taken in 2022.

Additionally, the development coincides with the disclosure by cybersecurity firm Bitdefender of information about a cryptojacking effort that used Microsoft OneDrive’s known DLL side-loading flaws to create persistence and spread cryptocurrency mining software.

In a similar development, Trend Micro disclosed that an attacker going by the name of Water Labbu attacked 45 cryptocurrency-based scam websites run by other criminals in an effort to steal victims’ money and transfer it to a wallet under their command.

The threat actor infected harmful JavaScript code into the webpages of other con artists while acting as a decentralized application (DApfuelhackersnews.com claimed in a report published last week.


“Hackers Steal $100 Million Cryptocurrency from Binance Bridge.” The Hacker News, thehackernews.com/2022/10/hackers-steal-100-million.html?m=1. Accessed 26 Oct. 2022.


Share & like

Related Posts