Binance has announced a pause across the entire Binance Smart Chain (BSC or BNB Chain) following what appears to be one of the largest exploits in DeFi history.
An attacker has reportedly hacked another BNB chain user for 2 million BNB, worth $600 million.
Another DeFi Catastrophe
According to BNB Chain on Twitter, the “temporary” pause is due to “irregular activity,” and a “potential exploit.”
“All systems are now contained, and we are immediately investigating the potential vulnerability,” said the team. It also claimed that “all funds are safe.”
Due to irregular activity we’re temporarily pausing BSC. We apologize for the inconvenience and will provide further updates here.
Thank you for your patience and understanding.
— BNB Chain (@BNBCHAIN) October 6, 2022
However, Twitter user and DeFi developer “foobar” had something else to say about the situation. He claimed an attacker had stolen 2 million BNB from “somebody” on the chain – worth roughly $600 million.
“The attacker is spewing funds across liquidity pools and utilizing every bridge they can to get to safer chains,” he added.
The user included a screenshot from a block explorer showing the suspect held $532 million in crypto, spread across various EVM-compatible chains and L2s. These include $421 million still on the BNB chain (79%) and another $53 million (10%) on Ethereum.
BNB chain data backs this up, showing exactly 1,020,094 BNB parked at the same address, worth $288 million. The address’s cumulative holdings amount to $421 million, matching foobar’s screenshot.
The explorer also includes a notice that the address has already been flagged as being part of the “BSC bridge hack,” reported by the Web 3 cybersecurity group Ancilia. Furthermore, Tether – the issuer of the world’s largest stablecoin – has already blacklisted the account.
Can the Culprit Be Stopped?
BNB Chain has since confirmed that roughly $70 million to $80 million worth of assets were whisked off the chain before being paused. However, another $7 million of those escaped funds have already been frozen, thanks to “the community” and Binance’s “internal and external security partners.”
“We are humbled by the speed and collaboration from the community to freeze funds,” it added.
BNB Chain thanked over a dozen specific organizations for collaborating with its efforts, including CertiK, Ankr, and Coinbase Cloud.
Binance’s official Twitter announced that all deposits and withdrawals for BNB at the exchange have been paused, due to “maintenance” on the BNB Chain.
Since blockchains are transparent ledgers, it’s often possible for experts to identify, track down, and seize funds from thieves moving large funds. Last month, Chainalysis successfully helped authorities seize $30 million of stolen goods from the $600 million Axie Infinity hack
Binance Free $100 (Exclusive): Use this link to register and receive $100 free and 10% off fees on Binance Futures first month (terms).
PrimeXBT Special Offer: Use this link to register & enter POTATO50 code to receive up to $7,000 on your deposits.