The BNB Chain team confirmed reports of a large exploit on Twitter, and all deposits and withdrawals on the network were halted for eight hours.
The blockchain of cryptocurrency exchange Binance’s Binance Smart Chain was suspended on October 6 as a result of a vulnerability in its cross-chain bridge, with attackers stealing an estimated $100 million worth of cryptocurrency.
The BNB Chain’s official Twitter account announced that the blockchain services, which had been suspended for more than 8 hours, had resumed around 6:53 AM UTC. Validators also confirmed the status of the community infrastructure upgrade.
The unexpected pause was initially reported by the BNB Chain’s official Twitter account as the result of “irregular behavior” on the blockchain; however, a suspected exploit was added shortly after. When the blockchain went “under maintenance,” all deposits and withdrawals were halted, according to an update from Binance.
According to on-chain analytics that had previously triggered speculations on Twitter that the network had been significantly compromised, two million BNB, the network native token, valued close to $600 million, were allegedly exploited by accused attackers.
In a subsequent update, Champeng Zhao assured the public that its systems are secure and user funds are safe while it continues to look into the vulnerability. He stated that the exploit, which was used against the BSC Token Hub, caused the creation of “extra BNB.”
The attacker deposited the remaining funds into the decentralized finance (DeFi) lending platform Venus Protocol after claiming a reward of one million BNB through the token hub, according to early on-chain analysis conducted by Twitter users prior to the formal disclosures.
Before the BNB Chain was suspended, they borrowed $150 million worth of stablecoins divided between USD Coin (USDC) and Binance USD (BUSD) and used cross-chain bridges to exchange the tokens for Ether (ETH), Phantom Protocol (PHM) tokens, and Polygon (MATIC).
The attacker used the same exploit to get access to another million BNB, which they transferred to Stargate Protocol, a different cross-chain bridge provider.
The decentralized chain’s developers apologized to the community in a blog post and reiterated that the move was taken to prevent the vulnerability from spreading.