Frankfurt Even the world’s largest crypto exchange is not immune to digital heists. At least $100 million worth of cryptoassets have disappeared from leading digital currency marketplace Binance. If the attack had gone as planned by the hackers, the damage could have been well over half a billion dollars. That would have been one of the biggest crypto heists ever.
Blockchain is the decentralized database technology behind leading cryptocurrencies like bitcoin or ether, and blockchain bridges aim to allow users to exchange between different cryptocurrencies at low cost.
These exchange protocols apparently also played a role in the current attack on Binance. In a message on Twitter, billionaire Binance founder Changpeng Zhao acknowledged that there had been a “now contained” attack on a blockchain bridge. The affected blockchain bridge “BSC Token Hub” stopped the crypto exchange for the time being.
Top jobs of the day
Find the best jobs now and
be notified by email.
By exploiting a vulnerability in the blockchain bridge, the hackers apparently managed to generate two million new Binance Coins (BNB) out of thin air. One BNB was worth $285 on Friday, so two million would have equaled $570 million. But Binance claims to have noticed the attack and initiated countermeasures so that the attackers were only able to divert a small part of the coins.
New “control mechanism” to prevent attacks
The “majority” of the stolen goods are still in Binance’s digital wallets, the crypto exchange said. So far, however, there has been no trace of coins with a volume of around 100 million dollars.
Binance announced a new “control mechanism” to prevent such hacker attacks in the future. “We have to learn from such incidents,” stressed Changpeng Zhao on the US stock exchange broadcaster CNBC. “Computer code is never completely without errors.”
He also highlighted the quick intervention of the programmers. Binance token BNB, the fifth largest cryptocurrency by market cap, was down around four percent on Friday.
The exchange process across blockchain bridges uses “smart contracts” to manage the transactions. They are translated into program codes and – if all the necessary requirements are met – executed automatically.
Cryptocurrencies are often touted as particularly secure due to the blockchain technology behind them, but enormous sums of money are still disappearing due to hacker attacks. The crypto data platform Chainalysis estimates the total damage caused by attacks on blockchain bridges at two billion US dollars this year alone.
In August, cryptocurrencies worth around 190 million US dollars were stolen in a cyber attack on the crypto service provider Nomad. The so-called “Nomad Token Bridge” was affected. In February, hackers stole around 320 million US dollars from “Wormhole”, the bridge between the second largest cryptocurrency Ether and the competing project Solana.
Experts: Many perpetrators from North Korea
On March 23, 2022, the perpetrators stole more than $600 million worth of digital currencies in one of the largest crypto thefts to date. The Ronin network, the blockchain on which the popular video game Axie Infinity is built, was affected. The attackers attacked the bridge to the Ronin blockchain, which connects the video game to others cryptoblockchains like that of the ether currency.
Axie Infinity is a computer game in which users participate in virtual battles with previously collected fantasy animals. Each of these animals is a so-called non-fungible token (NFT), a unique digital work of art. Players can also sell or rent these NFTs for profit. At the time of the robbery, Axie Infinity had around 2.5 million daily active users, according to the operator.
Experts suspect perpetrators from North Korea behind many of the attacks. According to a Chainalysis report earlier this year, North Korean hackers stole around $400 million in digital assets in at least seven attacks in 2021.
A UN report on cybercrime comes to similar conclusions. Accordingly, North Korean criminals are said to have stolen more than $50 million from at least three crypto exchanges in America, Europe and Asia between the beginning of 2020 and mid-2021. Cyber attacks, especially on crypto assets, are an important source of income for North Korea, the Reuters news agency quoted from the non-public report.
>> Read here: Zero Trust: This technology is changing cyber security – and the world of work
According to Chainalysis, a “large proportion of attacks this year are again from malicious actors with ties to North Korea.” The suspicion of the experts is aimed in particular at “elite hacker groups” such as Lazarus. The Lazarus Group became known with a cyber attack on the Japanese Sony group in 2014.
Tens of thousands of Sony employees’ social security numbers, passwords, and other company internals were stolen. There have been explicit threats against the Sony-produced film comedy The Interview, which is about an assassination plot against North Korea’s ruler Kim Jong Un. As a result, several US cinema chains decided to remove the film from their schedules.
More: Hackers steal $600 million in cryptocurrencies from a computer game