Here’s How Binance Bridge Attacker Pulled Off $566 Million Hack
Earlier today, attackers reportedly managed to steal 2 million BNB tokens (roughly $566 million) from the Binance Bridge.
On Twitter, Paradigm researcher @samczsun explained that he initially thought that Venus Protocol had suffered another hack. However, it later turned out that the attacker actually deposited $200 million into the protocol.
According to the research, the attacker behind the massive hack managed to convince the Binance Bridge to send them a million BNB tokens on two separate occasions. The hacker managed to find a way to forge proof for block 110217401.
The research concluded that there was a bug in the way that the compromised Binance Bridge verified proofs. The vulnerability was exploited by attackers in order to forge arbitrary messages.
Paradigm, one of the most prominent crypto VC firms, hired samczsun as its research partner back in October 2020.
The damage could have been “far worse”
The reputable white-hack hacker claims that the damage could have been much worse. However, the attacker only managed to forge two messages. As reported by U.Today, Binance CEO Changpeng Zhao tweeted that validators were asked to temporarily suspend BSC.
He also added that the issue had been contained. According to Binance’s estimations, up to $80 million of the stolen funds were transferred off-chain.
A portion of these funds has been already frozen at press time. As of now, BSC validators are currently coordinating to bring back the chain.