The announcement is contrary to the habits of the classic banking environment, which only rarely communicates this type of incident. Binance said on October 7 that it had been the victim of a cyberattack. The largest cryptocurrency platform in the world, in terms of transaction volume, estimates the scale of the theft at nearly $100 million.
According to Binance, the hackers managed to withdraw a total of 2 million BNB, the cryptocurrency issued by Binance, or approximately $580 million during the day on Friday, October 7. However, they were only able to exploit one fraction, the majority of the amount having been immediately blocked.
>>> Read our dossier – African Blockchain: crypto adventurers
7 million subscribers
Thanks to the quick reaction of the people responsible for validating the transactions, “the majority of the funds remained on the address of the hackers”, indicated a spokesperson for Binance, saying that “those funds could not be transferred” . On the other hand, around 100 million dollars have been stolen and have not yet been able to be recovered.
Earlier in the day, the boss of Binance, Changpeng Zhao, better known under the pseudonym “CZ”, had tried to reassure his community of users by assuring on Twitter, where he has 7 million subscribers: “The problem is now under control. “Your funds are safe. We apologize for the inconvenience and will provide further updates accordingly,” CZ added.
In a post on the Reddit site, Binance also clarified that of the total amount actually stolen, approximately $7 million had been frozen.
Targeted inter-chain bridges
The hackers targeted the BSC Token Hub cross-chain bridge. A bridge is a service that allows a user to transfer cryptographic tokens from one blockchain to another.
The Binance Smart Chain (BSC) blockchain to which the bridge targeted by the hackers is linked was suspended after the hack, before being restored a few hours later.
Computer attacks against inter-chain bridges have multiplied in recent months. In August, hackers stole the equivalent of $190 million by exploiting a flaw in the Nomad bridge.
According to Chainalysis, $2 billion was stolen via 13 cross-chain bridge hacks between January and August. These attacks represent 69% of cryptocurrency thefts in 2022, Chainalysis further indicates.
Elliptic, another cryptocurrency analyst firm, noted in its latest quarterly hack report that bridges “tend to accumulate large amounts of locked assets across many blockchains, many of which may not have security culture or advanced audit due to their relative obscurity”. This makes bridges “an attractive target for cybercriminals,” Elliptic adds. Experts believe that bridges are particularly targeted by hackers linked to terrorist groups or dictatorial regimes, including Korea from Nord.