BNB Chain, a blockchain linked to the world’s largest crypto exchange Binance, has been hit by a $570 million exploit, a Binance spokesperson said on Oct. 7. BNB Chain resumed its suspended blockchain after several hours.
Changpeng “CZ” Zhao, Binance CEO, said in a tweet that tokens were stolen from a blockchain “bridge” used in the BNB Chain, formerly known as Binance Smart Chain.
Blockchain bridges are tools used to transfer cryptocurrencies between different applications. According to Chainalysis research, criminals have increasingly targeted them, with some $2 billion stolen in 13 different hacks, mostly in 2022.
The hackers stole around $100 million worth of crypto, Zhao said in his tweet. Later, BNB Chain said in a blog post that a total of 2 million of the BNB cryptocurrency – worth around $570 million – was withdrawn by the hacker.
The majority of the BNB remained in the hacker’s digital wallet address, while about $100 million worth was “unrecovered,” the Binance spokesperson said by email.
BNB Chain supports the BNB token, previously known as Binance Coin, which is the world’s fifth-largest token with a market value of over $45 billion, according to data from CoinGecko.
Elliptic, a London-based crypto blockchain analysis firm, told Reuters that the hacker had minted 2 million new BNB tokens before transferring most of the funds to other cryptocurrencies including Tether and USD Coin.
BNB Chain suspended its blockchain for several hours before resuming at around 06:30 GMT.
BNB Chain was “able to stop the incident from spreading” by contacting the blockchain’s “validators,” – entities or individuals who verify blockchain transactions, it said in its blog post. There are 44 validators across several time zones, it added.
Binance describes BNB Chain as a “community-driven, open-sourced and decentralized ecosystem,” saying it would introduce a new “governance mechanism” and expand the number of validators to counter future hacks.
In March, hackers stole around $625 million from a blockchain bridge – Ronin Bridge – in one of the largest crypto heists in history, which the US authorities later linked to North Korean hackers.