October 14, 2022

How did they get to Binance?

Bridges look like a popular target for hackers, so in this article Anya takes a closer look at what exactly happened in last week's attack on Binance.

Read previous posts on this series: 

POWR safe against a Wormhole type hack

How do recent hacks within the crypto space affect the POWR token?

Keeping your website secure with ENS and IPFS

Last week, we saw an attack on one of the big names in crypto, Binance. 

The attacker became a relayer for the Binance Bridge (BSC Token Hub) before exploiting a verification proof vulnerability within, allowing them to mint two million BNB on the BSC chain to the address. The exploit resulted in the suspension of operations on the entire chain. 

Bridges are a popular target for attackers, so we took a closer look at what happened. 

The incident was a result of a weakness in a cross-chain bridge. In turn, the supply of Binance coins, or BNB, produced a surplus of 2 million BNB tokens.  The attacker was able to exploit a vulnerability in the Binance Bridge, and they sent themselves one million BNB tokens twice in a row. The hack happened because of a bug in the smart contract where hackers could forge transactions and transfer funds into their wallets.  Interestingly, the attacker managed to forge proof for a block confirmed two years ago.

In other words, “the bug lies in how Binance bridge analyses the proofs of transactions. The hacker generated the message in a way that tricked the contract’s validity. Although the hacker had no valid claims to the funds transferred, BSC Token Hub then proceeded with the payout as everything was valid” said by Adrian Hetman, tech lead of the Triaging Team at Immunefi.

The damage was contained due to a coordinated response by the BNB Chain 44 validators (26 active validators). 

This type of attack is nothing new, cross-chain bridge hacks have become a common occurrence.  Cross-chain bridge hacks, 13 of them, resulted in $2 billion in cryptocurrency theft.  

As a result of this attack, Binance implemented a reward of $1 million for each significant bug found, and a bounty for catching attackers in the amount of up to 10% of recovered funds. 

This hack is yet another reason for blockchain projects to test for similar vulnerabilities in their cross-chain bridges.

Author: Anya Nova, Blockchain and staking operations, Powerledger

Disclaimer: Powerledger does not provide financial advice, we recommend seeking independent financial, tax and legal advice prior to purchasing any cryptocurrency.

Let's chat

Get in touch