Binance is “narrowing down” the identity of the attacker who stole $570 million worth of crypto from a cross-chain bridge on October 6, Binance CEO Changpeng Zhao told CNBC on Monday.
Zhao said Monday that up to 90% of the stolen funds were frozen on the blockchain before they could be moved. And now the company, which runs the world's largest centralized crypto exchange, has had some help tracking down the responsible party.
“We’re still actually helping [law enforcement] to chase the bad players and working with law enforcement around the globe,” Zhao said, speaking to CNBC from Dubai. “In this particular instance, law enforcement gave us tips on who they think it may be, so we’re narrowing it down.”
After the hack was reported, the Binance Smart Chain was halted. In a post on Reddit, Zhao wrote that "funds are safe," but also said that the value of the funds taken off the BSC were between $100 and $110 million.
In the aftermath of the exploit, Sam Sun, a researcher at Paradigm, said on Twitter that the attacker “somehow convinced the Binance Bridge” to send them 1 million BNB two times.
Even before the Binance Smart Chain bridge was hacked, attacks on cross-chain bridges accounted for $2 billion, or 69% of all funds stolen, from the start of the year through August, according to blockchain analytics firm Chainalysis.
"Bridges are an attractive target because they often feature a central storage point of funds that back the 'bridged' assets on the receiving blockchain," the firm wrote in its report. "Regardless of how those funds are stored—locked up in a smart contract or with a centralized custodian—that storage point becomes the target."