Cryptocurrency worth about $100 million was stolen by scammers from Binance, the world’s biggest exchange for crypto assets, the firm said on Friday.
The total stolen was $580 million, but company chief Changpeng Zhao said roughly 80 percent had been frozen immediately, and the damage had been limited to less than $100 million.
He tweeted that “an exploit” in the system led to extra production of the exchange’s dedicated currency, BNB, but insisted the issue had been “contained” and told his seven million followers: “Your funds are safe.”
It is among the biggest thefts in cryptocurrency history and comes in a year where scammers preying on the sector have got away with billions of dollars.
In the most damaging incident, the Axie Infinity blockchain game was hacked for more than $500 million in late March.
Both scams exploited weaknesses in “cross-chain bridges” — the means used by investors to move assets from one blockchain to another.
Blockchains are digital ledgers that store details of transactions — the biggest is bitcoin but there are thousands of others.
Binance, which dominates the sector and boasted of handling transactions worth $32 trillion last year, said in a statement that “a total of 2 million BNB was withdrawn”, which valued the heist at $580 million.
Zhao later clarified in an interview with MSNBC that most of those coins had been frozen.
Prominent crypto figures had taken to social media late on Thursday talking of a $600 million theft hours before the firm sent its first statement.
“Somebody on BNB just got hacked for (roughly) 2 million BNB,” wrote a developer who uses the name foobar on Twitter.
“The attacker is spewing funds across liquidity pools and utilising every bridge they can to get to safer chains. Complete chaos on the chain.”
Experts have been warning of security lapses on cross-chain bridges all year.