Decentralized crypto exchange Bancor was attacked by hackers, as a result of which $13 million worth of cryptocurrencies have been stolen. In its publication on Twitter, the platform’s management has reported that the cyber attack occurred due to a vulnerability of a security system of the exchange. Hackers managed to steal 24,984 ETH (about $12 million), NPXS tokens worth about $1 million and BNT tokens for about $10 million (them platform managed to freeze) from the exchange’s wallet.
Vulnerability was revealed by the experts of the exchange even before the loss of funds was discovered. In its earlier publication, the exchange assured its users that, despite the breach, all the assets of Bancor are safe. At the same time, the exchange suspended its work to investigate the incident.
However, it later became clear that one of the wallets used to update smart contracts was hacked and funds were withdrawn from it. Stolen BNT tokens (Bancor's own tokens) were immediately frozen, which allowed to reduce the damage caused. As for the remaining missing funds, Bancor is working together with other exchanges, hoping to track their movement.
Bancor is a decentralized exchange that does not store user assets in its own wallets. The management of the exchange underlined that the clients' funds were not affected by the hack.
At the time of publication, trading on the stock exchange has not yet been resumed. The BNT token currently costs $2.41, having lost 19% over the past day.
Also, several hours after the Bancor incident, MyEtherWallet, one of the most popular crypto asset wallets warned its users to immediately transfer their funds to another account. The company suspected HOLA, free VPN extension for Google Chrome, to have be hacked which exposed data of MyEtherWallet users for intruders to collect for at least 5 hours. The wallet has confirmed that the attack “appeared to be a Russian-based IP address”.