Binance Hacked : 2 million BNB Stolen and Users Data on Sell

Hacker stole nearly $600 million worth of cryptocurrency BNB, which is issued and maintained by popular crypto exchange Binance.
Binance Hacked : 2 million BNB Stolen and Users Data on Sell
Another central Defi bridge has been exploited, and Binance’s Ethereum-compatible blockchain is the target.

Binance Smart Chain (BSC) has been paused after hackers reportedly stole 2 million Binance Coins (BNB), worth $566 million, from the Binance Bridge. 

The CEO of Binance acknowledged the security incident and tweeted that an exploit was used in the BSC Token Hub to transfer the BNB to the attacker and that they had asked all validators to suspend the Binance Smart Chain.

All the stolen BNB was worth around $560M as of Oct. 6. The attacker then deposited BNB into Venus, a lending protocol on BSC, and borrowed 150M in stablecoins.

In the blog post, Binance wrote-

"There was an exploit affecting the native cross-chain bridge between BNB Beacon Chain (BEP2) and BNB Smart Chain (BEP20 or BSC), known as “BSC Token Hub.” A total of 2 million BNB was withdrawn. The exploit was through a sophisticated forging of the low-level proof into one common library."

Just an hour after the news of the security incident goes online, a post on popular hacker forums emerged selling 500K Binance user information(KYC) including mail and passwords for a price of 50000USD in Bitcoin. Hackers claim the data is from the current month (October), including identity information, phone number, and mail address. The hacker (Seller of data) is offering to give 500 BNB for free to every buyer. [Sample data check below image]

Binance user data hacked

Binance offers a bounty of 10% of the recovered fund to individuals or groups for catching hackers. Additionally, Binance announced to start Whitehat program (BugBounty Program) for future bugs found, and $1M for each significant bug found

"Lastly, we owe a debt of gratitude to the community for moving so quickly to minimize what could have been a more serious incident. We’re sorry for any inconvenience that the suspension of BNB Smart Chain has caused, but we are truly grateful to the community for their support." - Binance wrote.

A crypto and web3 researcher "samczsun" tweeted a long thread explaining the attack scenario.

Read Also
Post a Comment