There is another hacking incident in the cryptocurrency market, and this time the victim is Binance Smart Chain (BSC). Binance founder and CEO Changpeng Zhao (CZ) and BNB Chain officials announced this morning (7) that additional Binance Coins (BNB) will be generated due to the intrusion of the cross-chain bridge BSC Token Hub, so BSC will be shut down. For some time, it has repeatedly emphasized that “user funds are safe”, but preliminary estimates are that the total amount of funds lost from BSC is between $100 million and $110 million, of which about $7 million has been frozen.
According to Paradigm researcher Samczsun, the on-chain data and related codes show that there are loopholes in the verification method of the BSC cross-chain bridge, allowing attackers to forge arbitrary messages. In this attack, the hacker successfully passed the BSC cross-chain bridge through forged messages. , so that the cross-chain bridge sent 2 million BNB to the attacker’s address.
However, it has not yet been known whether the official successfully intercepted these 2 million BNBs. The cryptocurrency research team MICA Research commented:
The advantage of a centralized blockchain is that it can immediately freeze assets or suspend blockchain operations in the event of a hacker attack, minimizing losses. Officials also pointed out that $7 million was successfully left in the Binance Chain.
The blockchain security company Paidun also issued a statement saying that BNB Chain hackers have transferred about $89.5 million in attack proceeds to other blockchains, of which about 58% were transferred to Ethereum, about 33% were transferred to Fantom, and about 50% were transferred to Fantom. 4.5% is transferred to Arbitrum.
BNB Chain officials have now asked node validators to contact them as soon as possible to plan and arrange node upgrades. In this regard, Changpeng Zhao, founder of Binance, said: “It is impossible to give a specific upgrade time for the time being. Binance must provide developers with sufficient time to understand the root cause of this incident, implement fixes and conduct in-depth testing.”