The BNB Chain $80K Bitcoin exploit may point to a potential white hat or ethical hacker looking for blockchain vulnerabilities.
A possible vulnerability on the BNB Chain that resulted in numerous dubious transactions caused the loss of Bitcoin BTC worth about $80,000 (down $68,280).
Although $80,000 may seem insignificant compared to typical cryptocurrency exploits, it prompted inquiries into the attacker’s motivations.
Cyvers, an on-chain security firm, hypothesizes that the perpetrator may have been a white hat hacker or ethical hacker who exploits security vulnerabilities. In contrast, the exploited token contract remains unknown. The firm stated in an X post dated May 28:
“The total loss is approximately $80K. The attacker received funding via TornadoCash and has also interacted with the Binance exchange, indicating a possible white hat action.”
Cointelegraph has contacted Cyvers for comment.
Despite the financial support received from Tornado Cash, a cryptocurrency blending service, the exploiter engaged in transactions with Binance, the global preeminent centralized exchange.
Proficient crypto hackers operating with malevolent intentions refrain from engaging with prominent centralized exchanges such as Binance due to the Know Your Customer (KYC) verification procedures that may expose the true identities of the nefarious actors involved.
Some hacks have a happy ending
A week after Gala Games was compromised for $23 million worth of Gala (GALA) tokens, the possible exploit has materialized. Gala Games co-founder and CEO Eric Schiermeyer asserts that the occurrence of the exploit was attributable to a weakness in “internal controls,” an issue that the team has subsequently rectified.
After the attacker’s wallet was suspended containing the stolen funds, the hacker returned $22.3 million worth of Ether ETH tickers down $3,893, close to the market value of the 600 million GALA they stole and sold the day before.
In a May 20 X and Discord post, Gala’s co-founder and CEO Eric Schiermeyer confirmed the alleged attacker’s identity, including “his home address.” The funds were subsequently returned.
In May, this marks the second instance in which a criminal has changed his mind and repatriated stolen funds.
A return of cryptocurrencies valued at $71 million, which were stealing funds through a wallet poisoning scheme, was made to the victim earlier this month.
Following the attention of numerous blockchain investigation firms due to the high-profile phishing incident, the unidentified assailant refunded the $71 million on May 12.
However, on-chain transactions indicate that the perpetrator was a malignant actor who, frightened of the public’s attention, decided to return the funds and not an ethical hacker.