A Breakdown of The US$570 Million Binance Ecosystem Hack

Cross-chain bridges are the weakest link in the blockchain ecosystem, and this hack shows us why!

The global cryptocurrency market has been struggling with hacks for almost its entire existence. One of the most recent attacks to have shaken up the crypto market is a hack on the Binance ecosystem. 

On October 7, the world’s biggest cryptocurrency exchange, Binance, reported that its blockchain (BNB Smart Chain) had been attacked. Hackers had exploited a vulnerability in the BNB Smart Chain and created two million BNB tokens (Binance’s native token), resulting in a loss of US$570 million for the Binance Network. Let’s take a closer look at the situation, what we can learn from it and what it means for the crypto market. 

So, what happened to Binance? 

Within the Binance ecosystem, the BNB Chain comprises the BNB Smart Chain (BSC), which facilitates smart contracts and the development of decentralized applications, and the BNB Beacon Chain, which is used for governance purposes. 

The hack (or the exploit as BNB’s blog calls it) that occurred earlier this month affected the BSC Token Hub, a cross-chain bridge facilitating transactions between the BNB Beacon Chain and BSC. The BSC Token Hub had a vulnerability that allowed the hacker to forge messages and mint new tokens. 

Using this vulnerability, the hacker was able to mint 2 million BNB tokens. Binance quickly found out about the exploit and suspended the BSC. Thus, the hacker only pulled out about US$100-US$110 million off the blockchain. An additional US$7 million from the US$570 million worth of BNB tokens was frozen with the help of Binance’s security partners, further reducing the hack’s impact. 

What can we learn from this attack?

This attack has highlighted the weaknesses in blockchain bridges. To understand this better, let’s look at an example. Suppose you want to transfer Bitcoin to the Ethereum Network; you will have to use a blockchain bridge that will give you a “bridged” version of Bitcoin that is compatible with the Ethereum Network. These bridged assets are backed by a central storage point of funds on the receiving blockchain (Ethereum in this case), attracting hackers to exploit loopholes and steal the funds. 

Another issue with cross-chain bridges is that they do not have the same community as the underlying blockchains. This means there simply aren’t enough people to audit the code and check for vulnerabilities. 

Just this year, over US$2 billion worth of cryptocurrency has been stolen because of cross-chain bridge hacks. Many crypto experts, such as co-founder of Ethereum Vitalik Buterin, have expressed concern about the security of cross-chain bridges. 

This isn’t to say that no effort is being made to improve cross-chain bridges. For instance, a cross-chain bridge called Wormhole has launched a bug-bounty program under which it will offer payouts of as high as 10,000,000 USDC (about US$10,000,000) to those who can successfully catch bugs in the system. Poly Network also did the same and created a bug bounty pool of US$500,000.

How does this hack affect the crypto market?

As of the third quarter of 2022, the crypto market has lost US$2.3 billion, with hacks accounting for 93% of the losses. This hack is only the latest addition to the billions the crypto market has lost to malicious attacks. 

Besides causing direct financial losses, these hacks also negatively impact investor sentiment. Given the recent crypto crash we saw earlier this year, people are bound to be apprehensive about investing their hard-earned cash into cryptocurrencies. Hacks like this would only further solidify the uncertainty of investing in crypto. 

On the other hand, some crypto experts believe that these hacks have an overall positive impact on the network attacked. They expose issues present in the network and encourage the network to put more resources into securing the blockchain. We have seen this happen with Binance, where the community is all set to vote on whether it should offer bounties to those who catch hackers and recover any funds lost in future hacks. 

Luckily for Binance, their token’s value has remained relatively stable despite the hack. The BNB token was trading at US$280.05 the day the attack happened and is trading at US$271.58 as of October 17. It has maintained its rank as the fifth-largest cryptocurrency by market capitalization, which might have to do with how quickly Binance acted to defend itself against the attack. 

A tweet by Binance’s CEO Changpeng Zhao can best sum up the situation: “Some setbacks make you stronger. Never waste an opportunity.” This should be a cautionary tale for not just Binance but also other crypto companies operating cross-chain bridges. Hopefully, crypto developers are making concerted efforts to improve cross-chain bridges and make crypto networks more secure so that these attacks will become less prevalent. 

Header Image Courtesy of Binance’s website

