Crypto Hack Hits Binance Smart Chain: CertiK Tracks $2M Exploit

The rising phishing, wallet hack, and security breaches are creating panic in the crypto space. Recently, Blockchain security firm CertiK revealed that in May alone, around $140.1 million was lost to crypto hacks, scams, and exploits, while $162 million in assets were frozen. Notably, phishing attacks accounted for about $8.5 million of the total losses.

CertiK alert has flagged a major exploit on the Binance Smart Chain (BSC), where an attacker drained nearly $2 million by abusing a smart contract function called printMoney(). 

Exploiter Uses Authorized Contract to Steal Funds

The exploit was carried out by a known attacker operating from address 0xd5c6f3…122c. The individual repeatedly triggered the printMoney() function on their authorized attack contract. The unauthorized access stemmed from a compromised victim contract linked to the address 0xb5cb0, which had unknowingly approved the malicious contract about eight hours before the attack.

CertiK believes the victim contract deployer’s private key may have been phished or otherwise compromised, leading to the unauthorized approval transaction. This gave the attacker full permission to transfer the victim’s tokens.

• Also Read :
•   ZachXBT Accuses Garden Finance For Laundering  Bybit Hack Funds
• ,

Attacker Converts Funds and Holds Nearly $2M

Once access was secured, the attacker swiftly converted the stolen derivative tokens into BNB and stablecoins. As of now, the exploiter is holding approximately $1.96 million worth of assets at their address.

Community Urged to Stay Alert

Big crypto hacks are piling up this year, with Coinbase losing $400 million, Cetus on the Sui network hit for $220 million, and others like Phemex and UPCX also suffering huge losses. These incidents show just how risky things can get in crypto if you’re not careful. According to CertiK, one of the biggest mistakes is trusting unverified smart contracts or having weak security for private keys. In a recent BSC hack, that’s exactly what went wrong. The attacker was able to steal millions because the victim’s contract wasn’t properly secured.

CertiK is now tracking the hacker’s wallet and keeping an eye on suspicious activity. They’ve also reminded users and developers to always check contract approvals, use well-audited code, and avoid rushing into transactions.

Meanwhile, CertiK’s advice is simple be careful, stay alert, and don’t rush into anything.

FAQs