Binance has been hacked, and at least $100 million stolen in the process. The world’s largest exchange confirmed the hack, claiming that the figure could have been significantly higher, reports TechCrunch.
The Binance blockchains embarked on an unusual step when it suspended transactions and fund transfers after it discovered a vulnerability affecting BBS Token Hub cross-chain bridge. The bridges according to TechCrunch, are designed to ease the transfer of assets from one independent blockchain to another.
The vulnerability in the BSC Token Hub bridge gave access to attackers who forged messages that allowed them to mint new BNB tokens. The hack did not however, affected user funds since the stolen tokens were not in existence prior to the hack.
Chief Executive Changpeng Zhao on Twitter said the impact od the hack is estimated to be between $100 million and $110 million. The issue is contained now. Your funds are safe. We apologize for the inconvenience and will provide further updates accordingly,” said Zhao.
in September, Uber confirmed reports of a cybersecurity incident that impacted its cloud-based servers. The company while confirming the incident on its official Twitter page, said it is “in touch with law enforcement and will post additional updates…”
As reported by the New York Times, Uber discovered that its computer network had been breached on. The company had since put in place some security measures, including taking several of its internal communications and engineering systems offline, as per NYT.
The Uber hack appeared to have impacted Uber’s internal systems. Images of email, cloud storage, and code repositories were sent to cybersecurity researchers and NYT by a person claiming responsibility for the breach.
“We don’t have an estimate right now as to when full access to tools will be restored, so thank you for bearing with us,” wrote Latha Maripuri, Uber’s chief information security officer in an email as per NYT.
So, how was Uber’s security system hacked?
The hacker told the New York Times how he had sent a text message to an Uber staff claiming to be a corporate information technology person. The staff was then persuaded to release a password which allowed the hacker to gain access to Uber’s systems.
In 2016, hackers stole information from 57 million driver and rider accounts, and later approached Uber and demanded $100,000 to delete copy of the data. Uber, according to reports, bowed to the demand of the hackers, but did not disclose the breach for more than a year.