Bancor, a decentralized exchange, has issued a statement saying that hackers exploited a vulnerability to steal 24,984 ETH (~$12 million), 3,200,000 BNT, worth ~8.16M and 229,356,645 Pundi X (NPXS), worth $848,619. The exchange was able to freeze BNT transfer through an inbuilt security system.
Bancor tweeted that it has found a security breach and has begun investigating. The exchange assured that all user wallets are safe and an elaborate report will be published soon.
According to the report provided by Bancor, the hacking incident took place at approximately 00:00 UTC when a wallet set aside for the purpose of upgrading some smart contracts was compromised. The wallet has then used to withdraw Ether and ERC-20 tokens NPXS and BNT.
As mentioned above, the stolen BNT has been frozen using a safeguard mechanism built into the Protocol of the decentralized exchange. Bancor explained that the security system was built in to “be used in an extreme situation to recover from a security breach, allowing Bancor to effectively stop the thief from running away with the stolen tokens”
Here is the latest update on the recent security breach: pic.twitter.com/JroypFvBri
— Bancor (@Bancor) July 9, 2018
However, the exchange has confirmed that the looters got away with the stolen ETH and NPXS tokens. Bancor has stated that the hackers exchanged a portion of the stolen tokens via instant conversion service offered by Changelly. Bancor is working with other cryptocurrency exchanges to make it harder for thieves dilute the cryptocurrencies.
Bancor stated “We are working together with dozens of cryptocurrency exchanges to trace the stolen funds and make it more difficult for the thief to liquidate them”. A snap shot of the compromised wallet is provided below.
Bancor raised eye brows in July 2017 when it raised $153 million in a matter of few hours in one of the largest coin offerings. The exchange has stated that it will keep investors and cryptocurrency community informed of the developments through Telegram and Twitter. The exchange is currently down for maintenance.