Binance Blockchain Hit by $570 Million Hack, Exposing Crypto Vulnerabilities
Binance, the world’s biggest cryptocurrency exchange, confirmed on Friday that $570 million had been stolen in a hack of a blockchain it runs that serves as a bridge for asset transfers between networks. The attack on the Binance Smart Chain network highlighted weaknesses in decentralized finance, or DeFi, where transactions are controlled by code.
“Software code is never bug free,” Binance’s chief executive, Changpeng Zhao, said in an interview with CNBC. He emphasized that no users had lost money in the hack but said that so-called cross-chain bridges were particularly vulnerable to hacks and the industry needed to get better at learning from them.
“We have seen a series of attacks on targeting vulnerabilities in cross-chain bridges,” Binance Smart Chain wrote in a blog post apologizing to users. “We will openly share the details of the postmortem and all lessons on how to implement more advanced security measures to shore-up these vulnerabilities.”
In August, the blockchain research company Chainalysis estimated that $2 billion worth of cryptocurrency had been stolen in 13 cross-chain bridge attacks, mostly in 2022. In March, an attack drained $600 million from a bridge behind the crypto-powered video game Axie Infinity. In February, $325 million was stolen from the Wormhole network.
These exploits show that a reliance on code for control of DeFi platforms leaves these systems exposed, and that in emergency situations, decentralization can be an obstacle to quickly resolving issues. The Binance chain ecosystem is run by a community of users, known as validators, who hold tokens and can vote on proposed code changes.
“Decentralized chains are not designed to be stopped, but by contacting community validators one by one, we were able to stop the incident from spreading,” Binance Smart Chain said in its statement. “This delayed closure, but we were able to minimize the loss.”
Now, the Binance Smart Chain community will hold a vote on next steps, including whether to freeze the stolen funds and allot a bounty for catching the hackers, offering up to 10 percent of the value of the stolen assets.
Vitalik Buterin, one of the founders of the Ethereum network — and the second-most-popular cryptocurrency, Ether — has been a vocal critic of cross-chain bridges, noting that they have “fundamental security limits.”
Visit this page for more updated.