Binance, the world’s biggest cryptocurrency exchange by volume confirmed on Friday that $570 million had been stolen in a hack of a blockchain it runs that serves as a bridge for asset transfers between networks.
The attack on the Binance Smart Chain network highlighted weaknesses in decentralized finance, or DeFi, where transactions are controlled by code.
“Software code is never bug-free,” Binance’s CEO, Changpeng Zhao, said in an interview with CNBC. He emphasized that no users had lost money in the hack but said that so-called cross-chain bridges were particularly vulnerable to hacks and the industry needed to get better at learning from them.
Related- Hackers Cart-Away $1.08 From Audius Network
“We have seen a series of attacks on targbug-freeing vulnerabilities in cross-chain bridges,” Binance Smart Chain wrote in a blog post. “We will openly share the details of the postmortem and all lessons on how to implement more advanced security measures to shore up these vulnerabilities.”
On the attack, the Binance Smart Chain stated, ”Decentralized chains are not designed to be stopped, but by contacting community validators one by one, we were able to stop the incident from spreading”. It added, ‘‘This delayed closure, but we were able to minimize the loss.”
Now, the Binance Smart Chain community will hold a vote on next steps, including whether to freeze the stolen funds and allot a bounty for catching the hackers, offering up to 10 percent of the value of the stolen assets.