Someone exploited a message verification vulnerability that allowed him to deploy an exploit that managed to steal 2 million BNB.
Binance announced it was suspending deposits and withdrawals from the BNB chain on Oct. 6 after a hacker transferred about 2 million BNB - approximately $590 million - to a wallet blacklisted by Tether.
According to an investigation by Paradigm Research analyst @samczsun, an attacker took advantage of a message validation vulnerability in the Binance bridge.
Cross-chain bridge security risk
The growing list of bridge hacks brings to mind Vitalik Buterin's argument against interchain bridges in a multi-chain future.
Vitalik argued that interchain bridges increase security risks in the transfer of assets. Because assets must be transferred across different blockchain security networks, circuits become interdependent on each other.
Consequently, an attack on one chain could spread the contagion to other chains.