Hacker steals over US$570m from a cross chain bridging service

A hacker stole over US$570m in Binance Coins (BNB) from a cross-chain bridging service. A researcher at the crypto investment firm Paradigm stated that the hacker exploited a vulnerability that allowed them to request one million BNB from Binance Bridge twice. A bug enabled Binance Bridge to verify proofs, thus allowing hackers to forge arbitrary messages. Binance CEO Changpeng Zhao stated that the hack affected ‘BSC Token Hub, which is the bridge between BNB Beacon Chain (BEP2) and BNB Chain (BEP20 or yBSC)’ but thanks to the crypto community the hacker only managed to move a fifth of the funds of the BNB chain.