Binance resumes BSC bridge operation after 2M BNB exploit

2 years ago

The BNB Smart Chain resumed its operations soon aft an attacker drained 2 cardinal BNB from the cross-chain bridge.

Binance announced the suspension of deposits and withdrawals from its BNB concatenation connected Oct. 6, aft a hacker transferred astir 2 cardinal BNB (approx. $568 million) to a Tether-blacklisted wallet.

BNB concatenation validators moved to upgrade their nodes and disabled autochthonal cross-chain communication. The upgrade was intended to halt the hacker from causing much harm.

In the aboriginal hours of Oct. 7, Binance announced that the BNB Smart Chain has resumed operations.

.@BNBCHAIN is backmost online. We person present resumed @BNBCHAIN deposits and withdrawals connected #Binance.

Thank you for your patience. https://t.co/icZvlWaHGi

— Binance (@binance) October 7, 2022

$568 cardinal mislaid successful BSC span hack

According to an on-chain investigation by Paradigm Research Analyst @samczsun, the attacker leveraged a connection verification vulnerability recovered successful the Binance span to nonstop 2 cardinal BNB (approx. $568 million) into Venus protocol.

In summary, determination was a bug successful the mode that the Binance Bridge verified proofs which could person allowed attackers to forge arbitrary messages. Fortunately, the attacker present lone forged 2 messages, but the harm could person been acold worse

— samczsun (@samczsun) October 7, 2022 

According to information steadfast BlockSec, the BSC span hack present ranks 3rd successful a database of 11 cross-chain bridges that person mislaid a cumulative $2 cardinal since July 2021.

Security hazard of cross-chain bridges

The increasing database of span hacks brings to caput Vitalik Buterin’s statement against cross-chain bridges successful a multi-chain future.

My statement for wherefore the aboriginal volition beryllium *multi-chain*, but it volition not beryllium *cross-chain*: determination are cardinal limits to the information of bridges that hop crossed aggregate “zones of sovereignty”. From https://t.co/3g1GUvuA3A: pic.twitter.com/tEYz8vb59b

— vitalik.eth (@VitalikButerin) January 7, 2022 

Vitalik argued that cross-chain bridges summation the information risks progressive successful transferring assets. Since assets person to beryllium transferred crossed antithetic blockchain information networks, chains go interdependent connected 1 another.

Consequently, an onslaught against 1 concatenation could dispersed the contagion crossed different chains.

The station Binance resumes BSC span cognition aft 2M BNB exploit appeared archetypal connected CryptoSlate.

View source