Alex Labs Freezes $3.9M in Exploited Funds After BNB Smart Chain Hack

Key Insights

  • Alex Labs successfully froze $3.9M in stolen crypto after a BNB Smart Chain bridge exploit.
  • The hacker’s mistake of sending funds to CEXs allowed the recovery of 17 token balances.
  • Alex Labs offers a 10% bounty to the attacker and considers a network upgrade to reimburse users.

Bitcoin layer-2 developer Alex Labs announced on May 16 that it successfully froze over $3.9 million in cryptocurrency that had been exploited from its BNB Smart Chain bridge. The attacker attempted to cash out by transferring the stolen funds to multiple centralized exchanges (CEXs). However, cooperation with these exchanges allowed Alex Labs to freeze the assets and prevent further losses.

The team reported recovering the complete balances for 17 different tokens, including significant amounts of aBTC, sUSDT, xBTC, and ALEX. This achievement showcases the importance of swift action and collaboration in mitigating the impact of such security breaches.

Attacker’s Mistake Leads to Fund Recovery

The hacker exploited Alex Labs by gaining control of a private key associated with one of the bridge’s vaults, which allowed unauthorized withdrawals. Despite this breach, the smart contract code and ALEX infrastructure were not compromised, according to the team. The stolen assets included $13.7 million worth of Stacks (STX) tokens. The attacker made a crucial error by sending approximately $3 million of these tokens to centralized exchanges, where they were subsequently frozen.

(Advertisement)Artificial Intelligence Crypto Trading Artificial Intelligence Crypto Trading System - Surpass the competition with this cutting-edge AI system! Utilize the prowess of innovative algorithms and amplify your crypto trading strategies with CypherMindHQ. Learn more today!

The team has publicly shared a spreadsheet detailing the STX balances at each exchange, revealing that $3.7 million is held at these exchanges while $9.6 million remains in wallets controlled directly by the attacker. Alex Labs continues to monitor the hacker’s addresses and has implemented multiple alarms to prevent any attempt to cash out the remaining funds.

Bounty Offer and Potential Police Report

In an effort to recover the remaining stolen funds, Alex Labs has offered a 10% bounty to the attacker and a promise not to prosecute if 90% of the funds are returned. The team is also preparing a police report to be filed if negotiations with the hacker fail.

The potential non-recovery of all funds has led Alex Labs to consider deploying reserves held by the ALEX Lab Foundation. These reserves may be used to establish a “treasury grant program” aimed at compensating users who lost funds in the attack. The team is evaluating the best course of action to ensure affected users receive fair compensation.

Network Upgrade Proposal and Historical Precedents

Given the disproportionate amount of STX tokens involved in the exploit, Alex Labs is contemplating a proposal for a Stacks network upgrade. This upgrade would aim to freeze the remaining funds held by the attacker and mint new tokens to reimburse the victims. While such upgrades are rare, they still need precedent. The 2016 Ethereum DAO hack and the PopcornSwap rug pull on the BNB Smart Chain both saw similar actions, though with varying degrees of success.

The team’s proposal reflects a proactive approach to mitigating the damage caused by the breach and providing restitution to affected users. However, the success of such a proposal would depend on the approval and support of the Stacks community.

Similar Attacks and Industry-Wide Concerns

On May 17, the XLink bridge suffered a $10 million hack involving its Ethereum and BNB Smart Chain endpoints. Similar to the Alex Labs attack, the XLink hacker used phishing techniques to gain control of private keys, enabling unauthorized withdrawals. However, a white-hat hacker managed to recover $4.3 million of the stolen funds.

XLink temporarily suspended operations to investigate the breach, working closely with security partners and Binance liaisons. The investigation revealed that no endpoints other than BSC and Ethereum were affected. The remaining $5 million, primarily in LunarCrush tokens, is being secured by the XLink and LunarCrush teams, with most funds already recovered or secured.

In response to these incidents, both Alex Labs and XLink have implemented measures to prevent further exploits. Alex Labs continues to monitor the attacker’s addresses and has set up multiple alarms to thwart any attempt to cash out the stolen funds. XLink has issued instructions for users to revoke approved spending limits on compromised contracts, emphasizing the importance of this step in mitigating ongoing risks.

(Advertisement)Artificial Intelligence Crypto Trading Artificial Intelligence Crypto Trading System - Outpace the competition with this high-end AI system! Leverage the capabilities of progressive algorithms and enhance your crypto trading performance with CypherMindHQ. Learn more today!