BankInfoSecurity.com reported that “Cryptocurrency exchange Binance restored operations on its BSC Token Hub smart contract early Friday, hours after a hacker stole BNB Binance chain native tokens worth $568.6 million.” The October 7, 2022 report entitled “Binance Restores Cross-Chain Bridge After $569M Attack” (https://www.bankinfosecurity.com/binance-restores-cross-chain-bridge-after-569m-attack-a-20227?rf=2022-10-10_ENEWS_SUB_BIS__Slot1_ART20227&mkt_tok=MDUxLVpYSS0yMzcAAAGHYVq8ZarT2sO51gTq2mDPcXEGWKuMu2I2qeQH9hwhNFN9OW1WVk72EeerLr_XjiDDmBSoNvXZIBjdDC_Ohqmat2HqX__3wf5kAOkqB0w5i4RpkvAgQQ) included these comments:
BSC Token Hub is the native cross-chain bridge between Binance’s BNB Beacon Chain and BNB Smart Chain. Cross-chain bridges allow the transfer of crypto assets and information across blockchains.
A “vast majority of the funds remain under control,” the company says, without sharing further details. A Reddit post from the company says it froze $7 million of the stolen funds.
Blockchain security firm PeckShield said on Thursday night that the attacker moved $89.5 million of the stolen funds off the Binance chain. Blockchain security firm CertiK pegged the number at $110.7 million as of early Friday morning.
The company says it “own(s) this [the attack]” and upgraded the vulnerable contract to version v1.1.15 to “stop hacker accounts from acting.” It did not specify how it will do so.
Further upgrades are expected, even as validators confirm their statuses in parallel, the company said around 7:00 a.m. UTC on Friday.
The BSC Token Hub uses a consensus mechanism requiring multiple validators to approve transactions. It has 26 active validators, among a total of 44.
What do you think about the security of this SMART CONTRACT?