Key Points
- BNB Smart Chain (BSC) experienced copycat Vyper attacks, following the exploit trend seen on Ethereum-based protocols.
- Around $73,000 worth of cryptocurrencies were stolen in three separate exploits on the BSC platform.
- The vulnerability was related to a malfunctioning reentrancy lock in the Vyper programming language, affecting multiple DeFi pools.
BNB Smart Chain (BSC) faces copycat attacks similar to Ethereum’s exploit activity, with $73K in cryptocurrencies stolen through vulnerabilities in the Vyper programming language.
The sheet updated. Losses have already ~$41m!https://t.co/lCaS4uEPzm https://t.co/stQYNJFS7y pic.twitter.com/P7jG8NHnV4
— BlockSec (@BlockSecTeam) July 30, 2023
Vulnerability in Vyper Language
While Ethereum-based protocols have been the main targets of exploit activities, the BNB Smart Chain (BSC) has also experienced similar copycat attacks. The exploits, totaling around $73,000, occurred due to a vulnerability in the Vyper programming language, echoing the recent exploit on the DeFi protocol Curve Finance.
Widely Used Programming Language
Vyper versions 0.2.15, 0.2.16, and 0.3.0 were affected by a malfunctioning reentrancy lock, impacting several DeFi pools. Vyper is widely used for Web3 projects and designed for the Ethereum Virtual Machine. This vulnerability could potentially affect other protocols that use the afflicted Vyper versions.
Excellent news!!! hopefully we can get it backhttps://t.co/sElKdYniT1 pic.twitter.com/AEldRorQaq
— Addison (@0xaddi) July 30, 2023
On-Chain Hacker Battle
In the aftermath of the exploit, white hat and black hat hackers are engaged in an on-chain battle to disrupt each other’s exploit attempts or efforts to recover stolen funds. A potential white hat hacker, “c0ffebabe.eth,” managed to retrieve funds and returned over $5 million worth of Ether to the affected Curve protocol.
5M returned back to @CurveFinance pic.twitter.com/BPAvE1ZOZY
— KGJR (@KGJRTG) July 30, 2023
Efforts to Recover Funds
“c0ffebabe.eth” sent a message on-chain offering assistance in returning funds to affected protocols. They have since moved funds to a likely cold wallet for safekeeping, showcasing the ongoing efforts to restore funds to affected projects.
As the crypto community remains vigilant, the BSC and other protocols must address vulnerabilities and strengthen security measures to safeguard users and assets from potential exploits.