Updated: May 29, 11:00 UTC: The BNB Chain has provided clarification on the recent exploit.
Several suspicious transactions on the BNB Chain resulted in the loss of approximately $80,000 worth of a BEP-20 token called ‘BTC’. While this may be a relatively small amount compared to other crypto exploits, it has raised concerns about the intentions of the attacker.
Cyvers, an on-chain security firm, suggests that the attacker could potentially be a white hat hacker, also known as an ethical hacker, who uses their skills to uncover security vulnerabilities. The firm made this statement in a blog post on May 28th.
Cointelegraph has reached out to Cyvers for further comment.
Source: Cyvers Alerts – $80,000 Bitcoin exploit on BNB, transactions
Following these reports, the BNB Chain Core Development Team identified the attack as a price manipulation exploit targeting a BEP-20 token labeled as “BTC”. In an email to Cointelegraph, the BNB Chain Core Development Team provided the following statement:
“Despite receiving funding from the cryptocurrency mixing service Tornado Cash, the exploiter also interacted with Binance, the world’s largest centralized exchange.”
Normally, sophisticated crypto hackers with malicious intent avoid interacting with large centralized exchanges like Binance. This is because these exchanges typically require Know Your Customer (KYC) verification, which could potentially lead to the discovery of the attacker’s identity.
However, despite interacting with Binance, the attacker is not considered a white hat hacker, according to the BNB Chain Core Development Team.
In unrelated news, Gala Games was recently exploited, resulting in the theft of $23 million worth of Gala (GALA) tokens. Gala Games co-founder and CEO Eric Schiermeyer attributed the exploit to an issue with internal controls, which the team has since addressed.
Interestingly, the hacker returned $22.3 million worth of Ether (ETH), which is close to the market value of the 600 million GALA tokens they had stolen and sold the previous day. The attacker’s wallet was frozen, prompting the return of the funds.
This marks the second time this month that a thief has returned stolen funds. In an earlier incident, $71 million worth of cryptocurrencies stolen in a recent wallet poisoning scam were also returned to the victim. It is believed that the attacker returned the funds due to the increased attention and scrutiny surrounding the incident.
Magazine: Hong Kong streaming firm to purchase $100 million of cryptocurrency; Worldcoin faces sanctions: Asia Express