- A total of 2 million Binance Coin, equivalent to nearly US$570 million, were effectively minted and taken by the hacker.
- According to a statement from Binance, about US$100 million of the stolen funds were not recovered, while the rest were frozen, with the exchange adding that no user funds were lost.
On Thursday, a hacker made off with about US$100 million in cryptocurrency via a bridge used by Binance, the world’s biggest cryptocurrency exchange by volume.
Cross-chain bridges allow tokens to move between different blockchains and are a means by which cryptocurrencies achieve interoperability across different chains.
A total of 2 million Binance Coin, equivalent to nearly US$570 million, were effectively minted and taken by the hacker.
According to a statement from Binance, about US$100 million of the stolen funds were not recovered, while the rest were frozen, with the exchange adding that no user funds were lost.
Chainalysis estimates that US$2 billion worth of tokens has been looted in 13 separate attacks, the majority of it stolen this year.
Bridges remain a major weak point exploited by hackers, but they are an unavoidable route of passage, as major blockchains remain largely segregated from each other.
In August, one such bridge called Nomad, which uses a method for verifying transactions that it says is safer than those used by other cross-chain platforms, was hit by a US$200 million hack.
Largely decentralized, bridges generally run on open source code, with no single entity or individual answerable for their integrity.
One of the major challenges in building secure bridges is their complexity, which gives hackers many potential entry points, and there are few qualified experts who can build and secure them.
The open source nature of bridges acts as a double-edged sword, making them more naturally vulnerable to hacks than traditional financial networks, but also allowing more individuals to collaborate to help improve the code.
Another issue with bridges is that most operate with a small set of custodians or entities, such as validators, that are responsible for securing the network, making them vulnerable as they sacrifice decentralization for the sake of operating at scale.