Decentralized Exchange Bancor Hacked for $23.5 Million
Another day, another cryptocurrency exchange hacked. This time around the victim was Bancor, an Israeli-based decentralized exchange, who lost $23.5 million USD in a security breach. No user funds have been compromised, but grumblings quickly ensued in the space over how a decentralized exchange froze its tokens in a seemingly centralized way.
Subscribe to the Bitsonline YouTube channel for great videos featuring industry insiders & experts
Bancor Falls Prey
The attack took place in the morning hours of July 9th. Bancor has since stated the hot wallet hacked in this breach was used “to upgrade smart contracts” and has emphasized that no user wallets were affected by the attack.
This morning (CEST) Bancor experienced a security breach. No user wallets were compromised. To complete the investigation, we have moved to maintenance and will be releasing a more detailed report shortly. We look forward to being back online as soon as possible.
— Bancor (@Bancor) July 9, 2018
The funds lost compromised $12.5 million worth of ether (ETH), $1 million in Pundi X (NPXS), and $10 million in Bancor’s native token, BNT. The stolen BNT were quickly frozen by the network’s administrators, so the hacker(s) would not be able to cash out these tokens. At press time, Bancor’s network was offline, with their website stating the project is currently undergoing maintenance.
The hack and subsequent actions by the Bancor team — namely the freezing of tokens and the downing of the network — have raised questions as to whether the DEX is truly decentralized.
DEX, or Not to DEX?
Last year, $150 million was raised for Bancor’s ICO in just a few hours, the largest such fundraiser at the time. Shortly after Bancor’s launch, one writer was quick to point out the more centralized aspects of Bancor’s operations. In essence, Bancor has full control over their BNT token, as evidenced by their decision to freeze it in this hack. This includes tokens held by both individual users and outside crypto exchanges. New tokens can be issued at anytime, and conversely, Bancor administrators are able to destroy BNT tokens at will. While Bancor has not been known to abuse this ability, it nonetheless demonstrates a centralized area of control in the Bancor ecosystem.
In dealing with the stolen Ethereum, the BNT team has said it is collaborating with “dozens of cryptocurrency exchanges to trace the stolen funds and make it more difficult for the thief to liquidate them.” The Ethereum in question has been identified on the blockchain.
Here is the latest update on the recent security breach: pic.twitter.com/JroypFvBri
— Bancor (@Bancor) July 9, 2018
Vitalik Buterin himself, co-founder of Ethereum and head of the Ethereum Foundation, recently said he hopes centralized exchanges “burn in hell.” Among his reasons stated were the potential for abuse, pointing out centralization of power goes against the very purpose of cryptocurrency, a tech intended to be decentralized money. It’s another narrative wrinkle to consider as the space wrestles with the centralization debates.
What’s your take? Has the BNT team approached this hack appropriately or not? Sound off in the comments below.
Images via Bancor, Pixabay