An estimated $80,000 worth of Bitcoin (BTC) has been lost in a potential exploit on the BNB Chain involving several suspicious transactions. Although $80,000 is relatively small compared to other crypto exploits, it has raised concerns about the motives of the attacker.
The specific token contract that was exploited remains unknown, but on-chain security firm Cyvers suggests that the attacker could be a white hat hacker or an ethical hacker who utilizes their skills to identify security vulnerabilities. Cyvers made this statement in a post on May 28.
Cointelegraph has reached out to Cyvers for further comment on the matter.
The attacker, despite receiving funding from the cryptocurrency mixing service Tornado Cash, also interacted with Binance, the largest centralized exchange in the world. Typically, sophisticated crypto hackers with malicious intentions avoid engaging with major centralized exchanges like Binance. These exchanges require Know Your Customer (KYC) verification, which could potentially expose the identity of malicious actors.
This potential exploit occurred just a week after Gala Games experienced an exploit that resulted in $23 million worth of Gala (GALA) tokens being stolen. Gala Games co-founder and CEO Eric Schiermeyer attributed the exploit to an issue with internal controls, which the team has since resolved.
In a surprising turn of events, the hacker returned $22.3 million worth of Ether (ETH), which is close to the market value of the 600 million GALA tokens they had stolen and sold the previous day. The attacker’s wallet was frozen with the stolen funds, leading to the return of the funds.
The decision to return the funds came after Eric Schiermeyer, Gala’s co-founder and CEO, stated in posts on May 20 that the alleged attacker had been identified, including his home address.
This marks the second time in May that a thief has had a change of heart and returned stolen funds. In a separate incident, $71 million worth of cryptocurrencies that were stolen in a recent wallet poisoning scam were also returned to the victim. The unknown attacker returned the funds on May 12 after the high-profile phishing incident garnered significant attention from blockchain investigation firms.
However, on-chain transactions suggest that the attacker in this case was not an ethical hacker but a malicious actor who became fearful due to the increased mainstream attention and chose to return the funds.
Magazine: Hong Kong streaming firm to purchase $100 million of crypto, Worldcoin sanctioned: Asia Express