Security

Binance Chain Exploiter Just Transferred 33,772 Ethereum to a New Address

The address associated with the recent BNBChain bridge exploits just moved $45M worth of ETH to a new address.

The BNBChain bridge exploit surprised the entire community, as hackers aimed to execute the malicious act stealthily overnight. Notwithstanding, the Binance team was able to address the situation soon enough to minimize the damage caused, with Tether making its own attempt to blacklist the associated address.

Despite these commendable efforts, the hackers were able to cart away with funds within the range of $100M. Due to the swift action of the Binance team, $400M remained on BSC, with the hackers sending $50M to Fantom and $50M to Ethereum. It appears the funds converted to Ethereum are now on the move.

#PeckShieldAlert Seems like ~$400m (~75%) of stolen funds remained on BSC, ~$50m out to Ethereum and ~$50m to Fantom pic.twitter.com/1QfPwsFkse

— PeckShieldAlert (@PeckShieldAlert) October 6, 2022

PeckShieldAlert, a Chrome extension tool from blockchain security company Peck Shield, revealed the development through its official Twitter page.

“PeckShieldAlert BNBChain Token Hub Exploiter 0x489A87 has transferred ~33,772 $ETH (~$45M) to a new address 0xFA0a3…14e9,” the handle highlighted.

#PeckShieldAlert BNBChain Token Hub Exploiter 0x489A87 has transferred ~33,772 $ETH (~$45M) to a new address 0xFA0a3…14e9 pic.twitter.com/74rReD6tZ8

— PeckShieldAlert (@PeckShieldAlert) October 8, 2022

A look at the transaction hash 0x74701d8816a4b3b6c377dfb1dab2edd5abfe7ad92d114905aaf151a701ff26d9 on Etherscan confirms the alert from PeckShield.

The transaction which occurred on October 7, 6:15:35 PM (UTC) involved the transfer of 33,771 Ether (worth $44,879,672 against prevailing rates) from the address associated with the BNB Bridge exploit 0x489a8756c18c0b8b24ec2a2b9ff3d4d447f79bec to a new address 0xfa0a32e5c33b6123122b6b68099001d9371d14e9.

This move indicates that the hackers are looking to move the funds out of sight. It remains the practice of criminals to utilize crypto mixers such as the OFAC-sanctioned Tornado Cash as a means to cover their tracks.

Recall that the BNBChain-linked exploit which occurred in the late hours of October 6 affected a cross-chain bridge native to the BNB Chain ecosystem called the “BSC Token Hub.” BSC Token Hub acts as a bridge between the BNB Beacon Chain (BEP2) and the BNB Smart Chain (BEP20 or BSC). 

The exploit led to a withdrawal of 2 million BNB (worth around $566M). In an attempt to contain the situation, the BNBChain team had to consult with validators to pause on-chain activities on the network. 

The hack was summarily addressed, limiting the funds withdrawn out of the BSC ecosystem to $100M. Following the exploit, CEO of Binance Changpeng “CZ” Zhao appeared on CNBC’s Squawk Box show to discuss a few issues. CZ entertained questions regarding the recent exploit, as The Crypto Basic previously reported.

CZ noted that he remains confident of the community’s trust in Binance due to the swift response from the team. Additionally, CZ highlighted the fact that, despite the hack, BNB had dipped by less than 5% at the time of the interview. The asset has only seen a dip of 1.2% as of press time, as it changes hands at $281.

Furthermore, the BNBChain team released a statement concerning the hack on Friday after containing the situation. The team apologized for the exploit, and revealed four action points that will be subjected to governance votes for the “common good of BNB”.

These points include:

  • Actions to take on the hacked funds – whether to freeze them or not.
  • Whether the developers should implement the BNB Auto-Burn feature to cover the rest of the hacked funds or not.
  • A White Hat initiative that will reward each White Hat that uncovers a future significant bug with $1M.
  • A bounty for hackers caught, promising 10% of the recovered funds to anyone who provides substantial assistance.

In addition to these points, CZ further told CNBC that the BNBChain team have noted the bug, and are looking to learn from the mistake in to make the network more secure in the future.

   

Source

Click to rate this post!
[Total: 0 Average: 0]
Показать больше

Добавить комментарий