The thefts of money in the form of cryptocurrencies are relatively frequent in recent times. It is not exactly pleasant that a technology considered so secure hides many pitfalls (probably because it is a relatively young technology); the protagonist is today Binance Bridge: a blockchain.
BNB Chain, a blockchain connected toBinance cryptocurrency exchangerevealed an exploit on a cross-chain bridge that drained about $ 100 million in digital assets.
What is known about the cryptocurrency theft from Binance Bridge?
“There has been an exploit affecting the native cross-chain bridge between BNB Beacon Chain (BEP2) and BNB Smart Chain (BEP20 or BSC), known as ‘BSC Token Hub’“, Was stated last week from the site of the blockchain in question. “The exploit occurred through sophisticated low-level evidence forging in a common library“.
According to Binance CEO Changpeng Zhao, the exploit on the cross-chain bridge “produced extra BNB“, Causing a temporary suspension of the Binance Smart Chain (BSC).
“BNB, which stands for ‘Build and Build’ (formerly called Binance Coin), is the blockchain gas token that ‘powers’ transactions on BNB Chain“, has disclosed Binance in early February.
User funds are said not to have been affected, as the vulnerability in the BSC Token Hub bridge allowed the attacker to mint new BNB tokens in an unauthorized manner.
While the hack resulted in the withdrawal of two million BNB in two transactions, the blockchain suspension prevented the theft of nearly $ 430 million in cryptocurrencies, he said. affirmed the blockchain security company SlowMist.
Regarding Binance Bridge (and not only) this is not thelast of a series of serious accidents that hit cross-chain bridges – which facilitate the transfer of assets between blockchains – this year, following that of Axie Infinity, Harmony Horizon Bridge and Nomad Bridge.
In addition to the Binance Bridge misunderstanding, are other blockchains in danger?
The blockchain analytics firm Chainalysis, in August, has valued that $ 2 billion worth of cryptocurrency would be stolen in 13 cross-chain bridge attacks, representing 69% of total funds stolen in 2022.
Further development comes when cybersecurity company Bitdefender has details of a cryptojacking campaign revealed which exploits the known DLL side-loading vulnerabilities in Microsoft OneDrive to establish persistence and distribute cryptocurrency mining software (in practice, the “flow” of virtual money is hijacked, to make it easy).
Subsequently, Trend Micro has revealed that a very dangerous hacker nicknamed Water Labbu targeted 45 cryptocurrency-based fraudulent websites run by other criminals to divert victims’ funds to a wallet under their control.
“In a parasitic way, the perpetrator of the theft [l’hacker] hacked other scammers’ websites by pretending to be a decentralized application (DApp) and injected malicious JavaScript code into them“, Affirmed the company in an analysis last week.
Why do thefts like this of Binance Bridge happen: is there a way to “defend yourself”?
I will not be doing the usual rant about “bad internet habits” and so on, here the problem is not (completely) of the end user.
Blockchain technology and cryptocurrencies in general are relatively young technologies that have not yet “learned” how to defend themselves from malicious people.
Someone argues that blockchain technology is absolutely to be avoided, even.
Unfortunately, we are not told if cryptocurrencies (and related technologies) will one day really take over as someone has been saying for a few years now, so we can only wait and see what the future holds.
#Hackers #steal #million #cryptocurrencies #Binance #Bridge