Binance, the world’s largest cryptocurrency exchange by volume, said hackers have stolen about $570 million (£514m) from its systems, in a fresh blow to the crypto industry after months of collapsing prices.
The company initially estimated the thieves had made off with $100m to $110m, but later said hackers had taken two million of the company’s BNB tokens, with a value of about $284 each.
The hack targeted BSC Token Hub, a bridge that allows tokens to be transferred from one underlying platform – or blockchain – to another.
Binance founder and chief executive Changpeng Zhao said no customer funds had been taken.
“The issue is contained now. Your funds are safe. We apologize for the inconvenience and will provide further updates accordingly,” Zhao said.
Binance asked the validators of BSC Token Hub to pause their work for about eight hours in order to ensure the issue was contained.
Zhao said the hackers exploited a bug that created extra BNB tokens on the network.
Binance and other crypto networks were able to freeze the majority of the stolen funds, with Binance saying there remained about $100m of unrecovered funds.
Attacks on cross-chain bridges have soared this year, with Elliptic estimating that about $1.83bn had been stolen from bridges in total up to August 2022, with $1.21 of that taken this year alone.
Some of those thefts include a heist of more than $600m from the Ronin bridge at Axie Infinity in March, the $190m theft from bridge provider Nomad in August and a $100m loss by California-based Harmony in June.
Bridges make attractive targets because the complexity of transferring tokens from one blockchain to another means they may contain bugs that hackers can exploit, industry watchers have said.
A number of the biggest crypto thefts, including the Axie Infinity heist, have been attributed to North Korean state-backed hackers.
Attacks on crypto exchanges are an important revenue source for North Korea, which uses the illicit funds to finance its missile programmes, according to a February United Nations report.
To settle US federal and state claims over multiple data breaches, Marriott International agrees $52…
ByteDance's TikTok is laying off up to 500 employees as it moves to greater use…
In this episode, we uncover why most organisations aren’t ready to harness generative AI. We…
Mixed reactions as Elon Musk hypes $30,000 'self driving' robotaxi called Cybercab, as well as…
AMD unveils new AI and data centre chips as it seeks to improve challenge to…
AT&T and Verizon among US broadband providers reportedly hacked to target American government wiretapping platform