Reporter | Si LinweiBlockchain network security continues to be challenged.On October 7th Beijing time, one of the most active public chains in the world, BNBChain, was hacked, involving assets worth over $500 million
Reporter | Si Linwei
Blockchain network security continues to be challenged.
On October 7th Beijing time, one of the most active public chains in the world, BNBChain, was hacked, involving assets worth over $500 million. According to BNBChain's official statement, the funds that hackers have extracted from BNBChain are initially estimated to be between $70 million and $80 million, and have since been updated to be between $100 million and $110 million. With the help of the community and internal and external security cooperation teams, an estimated $7 million has been frozen. BNBChain tweeted that due to abnormal activity, deposit and withdrawal activities have been suspended.
On October 8th, BNBChain resumed operation. BNBChain is incubated by the world's largest cryptocurrency exchange, CoinChain, consisting of BNBBeconChain and BNBSmartChain. Its network token "BNB" is currently the fifth largest cryptocurrency by market value. Zhao Changpeng, the founder of Coin An, immediately followed the attack and said on social media, "We have requested all validators to suspend the BSC network. This issue is now included. Your funds are secure. We deeply apologize for any inconvenience caused and will provide further updates accordingly
It is reported that hackers discovered vulnerabilities and launched attacks from the cross chain bridge "BSCTokenHub" of BNBChain. In blockchain networks, cross chain bridges can transfer assets from one blockchain network to another, but there are currently frequent hacker attacks in this field.
On the early morning of October 7th Beijing time, the hacker address used a cross link bridge vulnerability to obtain a total of 2 million BNBs in two rounds, worth approximately $566 million.
On chain data shows that the address obtained a total of 2 million BNBs from BNBChain's "BSCTokenHub" system contract in two installments, and pledged 900000 BNBs through the BNBChain loan agreement Venus, lending 62.5 million BUSD, 50 million USDT, and 35 million USDC.
The parent company of stable currency USDT, Tether, has blacklisted the hacker address, and it is reported that the hacker address also holds ETHs worth more than $45 million. Meanwhile, blockchain security company PeckShield 7 announced that hackers have transferred $50 million in funds to the Fantom network. As of now, there are still 1 million BNBs left in the hacker address, worth over $280 million.
According to the tracking of blockchain security service provider Ouke Cloud Chain, hackers have been conducting attacks since October 6th. The hacker used the ChangeNOW service to transfer over 100 BNBs onto the BSC chain as initial attack funds. After discovering the contract vulnerability, the hacker bypassed the contract detection of the BNB chain and issued a large number of BNB tokens.
The theft of 2 million BNBs has become one of the most serious blockchain hacker attacks in recent times. Affected by this incident, on October 7th, the price of BNB tokens dropped from $293.10 to $280.40.
After the incident, the BNBChain team announced that four actions will be determined by an on chain governance vote, namely whether the stolen funds will be frozen, whether the BNB automatic destruction mechanism should be used to compensate for the stolen losses, and a vulnerability reward mechanism will be issued. Each major mistake will be rewarded with $1 million, and the hacker hunt bonus will be announced as 10% of the recovered funds.
Zhao Changpeng, the founder of Coin An, later tweeted that his level of technical participation in BNBChain was much lower than that of Vitalik, the founder of Ethereum. However, he was impressed by the reaction speed of the BNBChain team and believed that the most important principles for handling the incident were "speed, transparency, and responsibility".
According to Chainalysis's data, as of 2022, cross chain bridge hacking incidents accounted for 69% of hacking attacks, with theft amounts exceeding $2 billion. Previously, the world's hottest blockchain game, AxieInfinity, suffered a hacker attack on the Ronin cross chain bridge, resulting in a loss of approximately $620 million. Cross chain Polynetwork has also been hacked into stealing over $600 million in assets due to vulnerabilities.
Disclaimer: The content of this article is sourced from the internet. The copyright of the text, images, and other materials belongs to the original author. The platform reprints the materials for the purpose of conveying more information. The content of the article is for reference and learning only, and should not be used for commercial purposes. If it infringes on your legitimate rights and interests, please contact us promptly and we will handle it as soon as possible! We respect copyright and are committed to protecting it. Thank you for sharing.(Email:[email protected])