Cross-chain DeFi platform pNetwork has become the latest protocol to be targeted by hackers on Binance Smart Chain, reporting a loss of roughly $12.7 million worth of Bitcoin.
According to a Twitter thread published by pNetwork on Sept. 20, the incursion resulted in 277 pBTC being siphoned from the exchange. The hackers made off with the majority of the network’s collateral, pNetwork added.
The team noted the attack was executed by exploiting a bug in its codebase, adding that a fix is already in progress. pNetwork also offered for the hacker to keep 11.5% of the stolen funds if they return the funds.
“To the black hat hacker. Although this is a long shot, we’re offering a clean $1,500,000 bounty if funds are returned.”
At the time of writing, the team has not issued any further details on the exploit. pNetwork team is yet to discuss whether it plans to reimburse impacted users.
pNetwork facilitates the movement of digital assets across different blockchains. As with other wrapped token protocols, users can mint pBTC by depositing BTC into a smart contract – allowing them to migrate the value of their BTC off the Bitcoin network and onto EVM compatible chains.
The price of pNetwork’s governance token PNT token has plunged 18% in the past 24 hours.
pNetwork is not the first cross-chain platform to be exploited as decentralized exchange THORChain suffered a $7.6 million hack in July. Just a couple of weeks later, THORchain was hacked again for around $8 million. Fortunately for the platform, the hacker turned out to be a “white hat”, promising to return the funds for a 10% bounty.
Binance Smart Chain has had more than its fair share of exploits so far this year. The ever-lengthening list of BSC exploits includes Pancake Bunny, Cream Finance, bEarn, Bogged Finance, Uranium Finance, Meerkat Finance, SafeMoon, Spartan Protocol, BurgerSwap, Belt Finance, and now pNetwork.
Binance Smart Chain was also involved in the record-breaking Poly Network hack in early August which saw $253 million lifted from BSC and more than $600 million stolen in total though the benevolent hacker returned nearly all of the funds.