BNB Chain performs hard fork to protect network after millionaire hack
In the last week, as reported by CriptoFácil, BNB Chain, Binance’s blockchain, suffered one of the biggest hacker attacks of the year, losing at least BRL 500 million on October 6th. Now, to try to better protect the network infrastructure, the BNB Chain team has performed a hard fork called Moran. This is a blockchain update that implements a major change to the network’s software.
The update had already been announced on Tuesday (11) in a post on GitHub. At the time, BNB Chain released temporary patch v1.1.16 for network nodes. This patch fixes the cross-chain infrastructure between the Beacon Chain and Smart Chain, which was the hacker’s target.
According to the developers, the Moran update, successfully completed at block height of 22,107,423, fixes vulnerabilities in hash checking. Although the fork did not affect regular users, node operators had to stop their existing nodes and replace them with new ones.
Hard fork Moran on BNB Chain
As the BNB Chain team reported, the hard fork was performed primarily to implement the software patch that resolved a critical vulnerability exploited by the attacker last Friday. The idea of the update is to “reactivate the cross-chain infrastructure” of the network, according to the team. This cross-chain bridge allows users to transfer assets between the two blockchains of the BNB Chain network, the Beacon Chain (which handles the governance of the network) and the Smart Chain (used as an Ethereum Virtual Machine compatible smart contract platform) .
The BNB team explained that the attack was limited to the BNB Smart Chain, more precisely “the native bridge of the BNB Chain, the BSC Token hub”. During the exploration, the criminal forged evidence of security inside the bridge, exploiting a bug that checks for legitimate evidence. In this way, the hacker managed to mint 2 million BNB tokens, worth almost BRL 3 billion.
On-chain data shows that the hacker transferred more than BRL 500 million to third-party networks including Ethereum, Fantom, Polygon, Avalanche and Arbitrum. But most of the assets remained in the hacker’s wallet on BNB Chain itself after the team brought the blockchain to a standstill. Hours later, the blockchain was reactivated. The team pointed out that the loss in question was at BNB Chain. That is, the attack did not affect the funds of network users.
According to the team, the current hard fork will help BNB Chain to restart full bridge operations and protect the overall network infrastructure. The next step, according to the initial schedule, is to hold governance votes to decide whether BNB Chain freezes funds held at the hacker’s address on BNB Chain and “burns” them.