Hackers have reportedly stolen 2 million Binance Coins, worth $566 million, from the Binance Bridge.
Details are scant at the moment, but the attack appears to have started at 2:30 PM EST today, with the attacker’s wallet receiving two transactions [1, 2], each consisting of 1,000,000 BNB. Soon after the hacker began spreading some of the funds across a variety of liquidity pools, attempting to transfer the BNB into other assets.
Binance acknowledged the security incident at 6:19 PM EST and paused the BNB Smart Chain while they investigated the incident.
At 7:51 PM EST, the CEO of Binance tweeted that an exploit was used in the BSC Token Hub to transfer the BNB to the attacker and that they had asked all validators to suspend the Binance Smart Chain.
“An exploit on a cross-chain bridge, BSC Token Hub, resulted in extra BNB,” tweeted Binance CEO Changpeng Zhao.
While the majority of the stolen funds remain on the BNB Smart Chain, and are now inaccessible to the hacker, Binance estimates that between $70M – $80M were taken off-chain.
