Blockchain
Jump Crypto unveils critical vulnerability on Binance’s BNB Chain – Crypto News
Web3 infrastructure firm Jump Crypto has discovered a vulnerability in the Binance BNB Beacon Chain, which would allow the mint of an unlimited amount of arbitrary tokens. The issue was privately disclosed to the BNB team, enabling a patch to be developed and deployed within 24 hours.
In a blog post from Feb. 10, Jump Crypto disclosed a detailed report about the vulnerability was found two days earlier, which could “have led to a large loss of funds.”
As per the report, the BNB Chain is composed of two blockchains – the EVM compatible Smart Chain (BSC), which is based on a fork of go-ethereum and the Beacon Chain, built on top of Tendermint and Cosmos SDK.
However, the Beacon Chain uses a BNB fork hosted on GitHub with several BNB-specific changes. “It deviates from the Cosmos SDK upstream in several ways, motivating us to take extra care in reviewing the differences,” notes Jump Crypto, which recently started a broad research effort dedicated to discovering and patching vulnerabilities across projects via coordinated disclosure.
The vulnerability would allow an attacker to mint an almost unlimited amount of BNB tokens via a malicious transfer, meaning that destination accounts would receive a much larger number of BNB tokens than the sender initially provided. JumpCrypto noted:
“Bugs that allow infinite minting of native assets are some of the most critical vulnerabilities in web3. As such, this finding is proof that we all must stay vigilant and collaborate to elevate security assurances across all projects.”
The BNB team fixed the issue by switching to overflow resistant arithmetic methods for the sdk.Coin type. The patch will result in a golang panic and a transaction failure if the Coin calculation overflows.
The BNB Chain is the native blockchain behind crypto exchange Binance. The company CEO, Changpeng Zhao, thanked Jump Crypto’s team for reporting the bug on Twitter:
Many thanks to @jump_ for reporting this bug. They got a great security team. Really appreciate it. https://t.co/bqidp5X3Y2
— CZ Binance (@cz_binance) February 10, 2023
In October 2022, the BNB Chain was briefly suspended after a cross-chain exploit compromised nearly $80 million worth of cryptocurrency. The genesis of the breach took place on the BSC Token Hub, eventually resulting in the creation of an “extra BNB,” shows an official post on Reddit.
-
others1 week agoVerifiable Bitcoin Accounts for Institutional Bitcoin. Your Custody, Your Terms. – Crypto News
-
Blockchain1 week agoTether Freezes $334 Million in Stablecoins Linked to Illegal Activity – Crypto News
-
Blockchain1 week agoDoorDash Turns to Tempo to Offer Stablecoin Payments – Crypto News
-
Blockchain4 days agoBanking Circle Unveils Stablecoin Settlement – Crypto News
-
Business1 week ago
Hormuz Bitcoin, USDT Tolls Face Crypto Scam Threat As Hackers Clone Iran’s System – Crypto News
-
others1 week ago
Verifiable Bitcoin Accounts for Institutional Bitcoin. Your Custody, Your Terms. – Crypto News
-
Technology1 week ago
Hormuz Bitcoin, USDT Tolls Face Crypto Scam Threat As Hackers Clone Iran’s System – Crypto News
-
Cryptocurrency1 week agoHow P2P.org Built a Solana Transaction Sender for Execution-Critical Teams – Crypto News
-
Cryptocurrency1 week agoTop Ethereum (ETH) Price Predictions as of Late – Crypto News
-
Business1 week ago
Hormuz Bitcoin, USDT Tolls Face Crypto Scam Threat As Hackers Clone Iran’s System – Crypto News
-
Cryptocurrency1 week agoGSR launches BESO ETF with Bitcoin, Ethereum, Solana exposure – Details – Crypto News
-
Business1 week agoActivist Hedge Fund TCIM Pushes Voya Toward Sale – Crypto News
-
De-fi1 week agoSeven-Day Countdown to MEGA Begins as MegaETH Clears First KPI – Crypto News
-
Blockchain6 days agoMorgan Stanley Backs Stablecoin Issuers With Reserves Fund – Crypto News
-
Cryptocurrency6 days ago
Latest “quantum computer breaks the math behind Bitcoin” headlines massively exaggerate risk – Crypto News
-
Cryptocurrency5 days agoDeFi lost $13B this month as the KelpDAO rescue shows both the best and worst of DeFi – Crypto News
-
Cryptocurrency5 days agoDeFi lost $13B this month as the KelpDAO rescue shows both the best and worst of DeFi – Crypto News
-
NFT4 days agoAnonymous User Sells $500K USDT on Telegram TON – Crypto News
-
Blockchain1 week agoCoinbase Lists tGBP to Expand UK Stablecoin Access – Crypto News
-
Blockchain1 week agoWLFI Sinks To New Lows As Eric Trump Slams Sun’s Lawsuit – Crypto News
-
Business1 week ago
U.S. Military Runs Bitcoin Node Amid Strategic Reserve Plans – Crypto News
-
De-fi1 week agoCircle Proposes Emergency Rate Changes to Unstick Aave’s Frozen USDC Pool – Crypto News
-
others1 week ago
CRCL, BMNR, and COIN Stocks Price Prediction as CLARITY Act Hits April Roadblock – Crypto News
-
De-fi1 week agoCardano development teams wants almost $50 million for Bitcoin DeFi and Vision 2030 – Crypto News
-
Business1 week ago
Is Arthur Hayes’ $10k Zcash Forecast Getting Real As Robinhood Lists ZEC? – Crypto News
-
Cryptocurrency1 week agoUS Soldier Charged for Alleged $400K Polymarket Insider Trading on Maduro Removal – Crypto News
-
Cryptocurrency1 week agoUS Bankers association push for 60 day pause to stop stablecoin rules going live – Crypto News
-
Cryptocurrency6 days agoEthereum’s 4 consecutive weeks of price rallies fuel bullish bets of $3200 – Crypto News
-
Cryptocurrency5 days agoDoorDash is turning stablecoins into its core labor infrastructure across 40+ countries – Crypto News
-
Business4 days ago
Michael Saylor Teases Buying More Bitcoin Despite Peter Schiff Warning of ‘Death Spiral’ – Crypto News
-
others4 days agoGoldman Sachs Executive Says It’s a Good Time To Invest in Small-Cap Stocks – Here Are the Areas He’s Focused On – Crypto News
-
others4 days ago
Goldman Sachs Executive Says It’s a Good Time To Invest in Small-Cap Stocks – Here Are the Areas He’s Focused On – Crypto News
-
Cryptocurrency4 days agoThe South Korean bank powering Upbit is testing Ripple integration for cross-border payments – Crypto News
-
others1 week ago
New York Sues Coinbase Over Prediction Markets, COIN Stock Falls 7% – Crypto News
-
others1 week ago
Aave TVL Plunges Following KelpDAO Hack 15 Billion- What’s Next for AAVE Price? – Crypto News
-
Blockchain1 week agoBanking Associations Seek Pause in GENIUS Act Process – Crypto News
-
De-fi1 week agoTether Freezes $344M USDT in Coordination with U.S. Law Enforcement – Crypto News
-
NFT1 week agoJPG Store Shuts Down Cardano NFT Marketplace by May 2026 – Crypto News
-
Cryptocurrency5 days ago
DoorDash is turning stablecoins into its core labor infrastructure across 40+ countries – Crypto News
-
De-fi1 week agoHow crypto futures markets are feeding ‘scam coin’ insider pump and dumps – Crypto News
-
Technology1 week agoBrands pushed Indians to buy premium phones. Now, they’re paying a price – Crypto News
-
De-fi1 week agoDoorDash Teams Up with Tempo on Stablecoin Payments for Its Global Marktplace – Crypto News
-
Technology1 week ago
Grayscale Research Predicts Bitcoin Price Has Bottomed for Early Bull Market – Crypto News
-
De-fi1 week agoUSDT Now Live on Solana, Plasma, and Ethereum With 1:1 USD Onramps and Offramps: Privy and Ramp – Crypto News
-
Blockchain1 week agoBitcoin Bull Score Turns Neutral For First Time This Bear Market – Crypto News
-
Technology1 week agoTrapped in an elevator? AI system at Namo Bharat stations can raise alarm in 60 seconds – Crypto News
-
Technology1 week ago
Summ Review: A Powerful Crypto Tax Tool for Serious Traders – Crypto News
-
Technology1 week agoSingapore emerging as neutral ground as AI firms navigate Sino-US rivalry – Crypto News
-
Blockchain1 week ago$3,000 Ether Depends On More Than Just Strong Spot ETH ETF Inflows – Crypto News
-
Cryptocurrency1 week agoUS admiral who blasted crypto is now running a Bitcoin node for America’s security – Crypto News