It is believed that an unidentified attacker stole $1,000,000 in Binance Coin (BNB), from BitKeep’s Token Swap function, and transferred it to Tornado Cash. Monday saw an anonymous cybercriminal steal $1 million worth of Binance Coin (BNB tokens) from BitKeep’s token exchange service. The funds were then routed through the U.S. government-sanctioned transaction privacy tool Tornado Cash, according to a Twitter thread today by BitKeep.
Customers who were affected by the attack received information that they would be compensated for their losses.
BitKeep claims that all customer wallets are now “secured” and has assured customers that yesterday’s attack was successfully contained.
The company provided a roadmap outlining the next steps. BitKeep’s token-swapping service has been frozen. According to the thread, the company plans to add a wallet safety feature and a one-tap repair feature.
BitKeep also works with security agencies to locate the attacker and recover funds.
The company’s blog published a specific reimbursement plan earlier today. It reiterated the company’s commitment to 100% remuneration, and announced the launch of a compensation portal within the next three working days.
Only sixteen days remain in October and this month is already the most active month for crypto hackers in what is becoming the worst year for hacking.
Last week was by far the most damaging, with four hacks taking place in one day, on Tuesday. Mango Markets, a crypto trading platform based in Solana, was the most severe; it was robbed of \$100 million.
Mango’s negotiating team seemed to be working with the attacker. He cited “problematic debt” that was a result of a bailout Mango Markets executed in June.
Later, he didxxed himself and claimed to be Avraham Mayer-Eisenberg of New York. He is alleged to have made millions through crypto-exploitation. Eisenberg claimed that he was part of a larger organization for his latest exploit and that their actions were legal.
This year, crypto hackers have been increasingly interested in blockchain bridges that connect different blockchain ecosystems. One of the most significant hacks of all times was committed earlier this year against Infinity developer Sky Mavis.
The attackers took 173,600 Ethereum, and 25.5 Million USDC safecoins from the bridge that connected Sky Mavis’s custom Ronin to Ethereum. However, the historic theft, worth $622m, was not discovered until March 29.
An attacker was able to steal $100 million in cryptocurrencies this month from a cross-chain link between BNB Smart Chain and BNB Beacon Chain.
Last weekend, Japan’s National Police and Financial Services Agencies issued a joint declaration in which they announced that Lazarus, North Korea’s state-sponsored cybercriminal organization, has attacked several Japanese crypto companies.
Lazarus was linked to an historic \$622,000,000 attack on Sky Mavis Ethereum sidechain Ronin.
This dark underbelly of criminal hackers, opportunists and others is growing as the crypto industry expands. Regulators are being sought by many to help curb, reduce, and prevent blockchain-targeted criminal acts.