The cryptocurrency industry is increasingly becoming the target of bigger and bolder attacks, the most recent targeting the BNB Smart Chain (BSC).
Entire chain suspended
The hackers specifically targeted the cross-chain bridge BSC Token Hub – the bridge between BNB Beacon Chain (BEP2) and BNBChain (BEP20 or BSC). This resulted in the suspension of activities throughout the chain. Binance CEO Changpeng Zhao said:
At the same time, the suspension was announced on the BNB Chain’s own Twitter account: “Due to irregular activity, we are temporarily suspending BSC. We apologize for the inconvenience and we will provide further updates here. Thank you for your patience and understanding.”
Scope of the attack on BSC
According to estimates by analytics firm PeckShield, losses are estimated at approximately $580 million:
The total stolen money from BSC TokenHub Exploiter is 2M BNB (~586M loss). This is where the ~$89.5m stolen funds moved off-chain come in (~58% to Ethereum, ~33% to Fantom and ~4.5% to Arbitrum).
In the meantime, blockchain security firm SlowMist shared similar information:
According to the BNB Chain’s Reddit account, initial estimates for funds taken from BSC are between $100 million and $110 million. “However, thanks to the community and our internal and external security partners, an estimated $7 million has already been frozen.”
The infrastructure of the blockchain currently appears to be fully operable again:
How could this happen?
Around the same time, samczsun, the research partner of crypto investment firm Paradigm, explained in a series of tweets how the hack was carried out. According to him, the attacker had somehow convinced the Binance Bridge to simply send them 1,000,000 BNB. Twice.
The dead giveaways, as samczsun said, were the suspiciously low withdrawal amounts, as well as the length of the attacker’s proof. He believes the attacker had found a way to forge a proof for that particular block.
After explaining all the technical details of the hack, the analyst concluded the following:
In summary, there was a flaw in the way the Binance Bridge verified proofs that allowed attackers to spoof arbitrary messages. Fortunately, the attacker only forged two messages, but the damage could have been much greater.