Binance Smart Chain-Hosted DeFi Protocol BXH Loses $139 million to Hackers
October 31, 2021
October 31, 2021
Another decentralized financial system running on the Binance Smart Chain has been hacked, resulting in the theft of millions of dollars in cryptocurrency. Another example is BXH, a DeFi eco-platform that offered its customers with a yield farming aggregator that was driven by artificial intelligence (AI). It is estimated that around $140 million was taken, despite the fact that BXH has called on the hackers to restore the assets.
It has been proved that DeFi protocols based on the Binance Smart Chain are subject to assaults, with the team behind BSC saying at one point that the attacks are intended to discredit the blockchain. Cyber-attacks against multi-million dollar initiatives such as Pancakebunny, Spartan Protocol, Burgerswap, Meerkat Finance, and Uranium Finance are just a few examples of projects that have been the target of multi-million dollar cyberattacks.
BXH has now become a member of this group. The breach was reported today by the people behind the project, who stated: “We regret to inform you that BXH has been hacked on the Binance Smart Chain” (BSC). “While the assets on HECO, OEC, and Ethereum are secure, we have temporarily paused the deposit and withdrawal services for concerns of security.”
BXH published a list of the addresses to which they allege the hackers moved the stolen funds on the blockchains of the BSC, Bitcoin, and Ethereum. As per block explorers, the BSC address now has $8.1 million in BNB tokens and $92.5 million in other BSC tokens in its possession.
On Ethereum, the hackers’ account has $1,000 in ETH and $17.2 million in other ERC-20 tokens, with the majority of this being Wrapped Ethereum, according to the hackers. At the time of publication, the BTC address had 198.1 BTC, which was worth $12.4 million.
“Please help us recover our money,” BXH has pleaded with the cryptocurrency industry to aid it in recovering its funds by blacklisting the addresses of the hackers responsible. “We need CEX and DeFi providers to ban and freeze these IP addresses,” said the spokesperson. “We are collaborating with BSC Security and our security partner Peckshield to track down and locate those responsible.”
On Twitter, Poly Network, a cross-chain DeFi network, expressed sympathy for BXH’s plight.
“In order to prevent future transfer, Poly Network will halt cross-chain services connected to stolen assets on BSC; however, other chains will not be impacted,” the company said in a statement.
Poly Network itself was the target of a $600 million cyberattack, the largest such incident in the history of the DeFi sector. The Poly Network team used an unusual technique in asking the hacker to “please refund our monies,” which was met with skepticism.
And it was successful. The assets were returned by the hacker, initially $260 million and then the remaining sums afterwards. Poly Network ended up hiring the hacker and promoting him to the position of chief security adviser. BXH is taking a page from the book of Poly Network. “To the exploiters, please return the monies promptly, and we will acknowledge your conduct as white hat and award you a bonus,”
the project said in its introduction of the initiative. Will the hackers heed the kind request to return the money and use the Poly Network path as suggested by the police? Only time will tell whether this is true.
🚨🚨We are sorry to announce that BXH was attacked on #BinanceChain. Other chains assets are safe.
We are cooperating with BSC and Peckshield to follow up and trace.#BXH @HECO_Chain @BinanceChain @AnyswapNetwork @O3Swap @renprotocol @cz_binance @peckshield pic.twitter.com/jNo8C53DM0
— BXH (@BXH_Blockchain) October 30, 2021
The BXH lending agreement said it was hacked and at least 4000 ETH was stolen this time. pic.twitter.com/79PzqSplBO
— Wu Blockchain (@WuBlockchain) October 30, 2021
After #PolyNetworkExploit, we are well aware of the importance of #security and can empathize with the experience of #BXH. In order to avoid further transfer, Poly Network will suspend cross-chain services related to stolenassest on #BSC , and other chains will not be affected. https://t.co/ybx4knmchN
— Poly Network (@PolyNetwork2) October 30, 2021