Binance, a cryptocurrency trading platform, confirmed that it lost at least $100 million to hackers. This forced the Binance blockchain, also known as BNB Chain and Binance Smart Chain, to suspend transactions and fund transfers after discovering a vulnerability affecting the BSC Token Hub cross-chain bridge.
The exploit was on a cross chain bridge. Cross-chain bridges are tools that allow the transfer of tokens from one blockchain to another. Network validators are entities or individuals who confirm transactions on the blockchain.
According to a Chainalysis report in August 2022, hackers have increasingly targeted cross-chain bridges, with some $2bn stolen in 13 different hacks.
The incident was corroborated by Binance CEO, Changpeng Zhao via a tweet. According to him, “An exploit on a cross-chain bridge, BSC Token Hub, resulted in extra BNB. We have asked all validators to temporarily suspend BSC. The issue is contained now. Your funds are safe. We apologize for the inconvenience and will provide further updates accordingly.”
Due to the vulnerability in the BSC Token Hub bridge, the attacker was able to forge messages, enabling them to mint new BNB tokens. Since the stolen tokens were not preexisting tokens taken from wallets, no user funds were impacted.
Changpeng Zhao said that the current impact estimate was around $100m USD equivalent, about a quarter of the last BNB burn.
