Hacker Steals Over $55 Million in Crypto

A hacker stole over $55 million after a developer at bZx, a crypto company, fell for a phishing attack.

It has been reported that the phishing attack compromised the private keys of the bZx developer’s wallet. The developer, borrowers, lenders, and farmers with funds on Polygon and Binance Smart Chain (BSC) were all impacted.

What Happened?

On 5th November 2021, a hacker managed to steal a trove of BZRX tokens and other cryptocurrencies on BSC and Polygon. This happened by the hacker using bZx private keys that were obtained in a phishing attack. The hacker was then able to deposit the stolen BZRX as collateral to borrow against other funds on the protocol.

The attack granted the hacker keys to the Polygon and BSC deployment of the bZx protocol and  as a result, affected lenders, borrowers, and farmers, and those who had given unlimited approvals to those contracts. The hacker then removed funds from the BSC and Polygon implementation of bZx.

Slowmist estimated the value of the lost funds to be in the region of $55 million.

#bZx private key compromised, over $55 million dollars stolen so far. We’ll continue to update as more information is discovered. @RektHQ @ChainNewscom @bZxHQ https://t.co/SM6WWDt06J pic.twitter.com/39S05IiBFr

— SlowMist (@SlowMist_Team) November 5, 2021

 

Via Twitter, bZx were keen to reassure their users and emphasise that “bZx on Ethereum is not compromised, only BSC + Polygon”.

The incident today was NOT a protocol hack. It was a phishing attack on a bZx dev.

bZx on Ethereum is not compromised, only BSC + Polygon.

Our treasury is robust and our community will decide a compensation package.

Investigation ongoing. Read more?https://t.co/uLIO8K9QDZ

— bZx – Fulcrum & Torque (on ETH/BSC/Polygon) (@bZxHQ) November 5, 2021