Security breach leads to $13M worth of crypto losses for Bancor exchange
Decentralized cryptocurrency exchange Bancor has reported a security breach that resulted in the loss of an estimated $13.5 million worth of cryptocurrencies.
On Monday, the exchange tweeted that it “experienced a security breach,” although “no user wallets were compromised.” A short time later, Bancor issued a statement, detailing the breach. According to the exchange, “a wallet used to upgrade some smart contracts” had been compromised, allowing its user to withdraw 29,984 ETH amounting to an estimated $12.5 million from the BNT smart contract. In addition to the ETH coins, the wallet also reportedly stole $1 million worth of Pundi X (NPXS) and some $10 million worth of Bancor’s own coin BNT.
The exchange noted that it was able to freeze the stolen BNT, limiting the damage from the theft. However, Bancor admitted that it’s “not possible to freeze ETH or any other stolen tokens.” The exchange said it’s working with other exchanges to trace the missing funds. The wallet containing the stolen ETH can be found here.
“We take this incident very seriously,” the Bancor team said. “We are committing every resource to resolving it, getting the network back online and tracking down the criminals involved.”
To reiterate, no user wallets have been compromised in the attack.
— Bancor (@Bancor) July 9, 2018
A message on the Bancor website, which remains under maintenance at press time, informs its users that the platform “does not hold your assets,” so “your wallet and your funds are always safe, secure and under your possession on the blockchain at all times.” Bancor is considered to be one of the largest ICOs in the industry, raising $153 million in July 2017.
In an interview with CoinTelegraph, Bancor communications head Nate Hindman said the platform “should be back online within 24 hours.” The executive said the exchange has reached out to “a number of industry players” to help them develop tool and technology, such as “a real-time blacklist” and an emergency fund, which can be used when crypto thefts across exchanges happen.