Q2 2024 BNB Chain Hack Losses Down 87% YoY – Salus Security.



Blog post image.

BNB Chain’s security landscape has shown significant progress in Q2 2024, according to Salus Security’s Q2 2024 BNB Chain Security Report. The total financial loss on BNB Chain due to security is down by 87% YoY (Year-Over-Year) to $9.2 million. 

This decline is thanks to BNB Chain’s security measures and constant efforts to safeguard its ecosystem. Q2 2024 reported 35 security incidents, a significant decrease from the 115 incidents recorded in Q1 2023. 

Some Numbers From Q2 2024

BNB Chain reported 35 security incidents during Q2 2024, dramatically reducing financial losses. Losses were reduced to $9.2 million, substantially lower than the $70 million lost in Q2 2023. Additionally, the number of security incidents also registered a substantial drop in Q2 2024, falling to 35 from 115 reported in Q2 2023, a decline of 60%. The incidents were spread across April, May, and June, most occurring in April and May. June witnessed a substantial decline in security incidents and financial losses, as we will see in our postmortem. 

April registered 17 security incidents, leading to a loss of $5,702,666. This made up 5.97% of the $95,552,224 stolen across the crypto ecosystem. May registered a drop in security incidents, but the amount stolen was higher at $5,710,927. However, because of the dramatic increase in assets stolen across the crypto space in May, BNB Chain’s percentage contribution to the assets stolen across the crypto ecosystem dropped to 1.59%. 

June reported the least security incidents in Q2 2024, with losses dropping to $317,500. Despite the decrease on BNB Chain, the total amount stolen across the crypto ecosystem remained substantial at $138,830,500, with BNB Chain’s losses making up just 0.23% of this figure. 

Exit scams and contract vulnerabilities were the most common types of attacks, accounting for 27 security incidents. Other notable attacks were flash loan attacks, price manipulation, access control, and private key compromise. While contract vulnerabilities and exit scams were the most common, the private key compromise led to the most substantial loss. 

Q2 2024 statistics for BNB Chain

Quarterly Comparison 

Looking at Q1 2024 and Q2 2024, we can clearly see a decline in the amount lost, both in the overall crypto ecosystem and the BNB Chain. Q2 2024 also reported fewer incidents, 35 compared to the 43 reported in Q1 2024. The crypto ecosystem lost $731,828,901 in Q1 2024, while BNB Chain lost $14,446,914, accounting for approximately 1.97% of the total losses. The overall losses registered a noticeable decline in Q2 2024, falling from $731,828,901 to $594,274,208, an 18.79% decline. The total amount lost on the BNB Chain also decreased by 18.80% to $11,731,093. However, despite the decrease in absolute amounts, the proportion of losses attributed to BNB Chain remained constant at $1.97%. 

Q1 2024 incidents compared to Q2 2024 incidents

This suggests that while total losses have declined, BNB Chain has maintained its impressive security performance. The stability is a testament to the effectiveness of the security measures adopted by BNB Chain and its ability to mitigate losses in line with broader crypto market trends. 

Notable Incidents In Q2 2024

There were five notable security incidents in Q2 2024, which led to losses for the projects involved.  

  • AlexLabBTC – A private key compromise, this was the most significant single incident in the quarter, resulting in a loss of $4.3 million due to the private keys being compromised through a phishing attack. 
  • SAGA Token – This was an exit scam that led to a loss of $1.5 million. 
  • Chainge Finance – The Chainge Finance smart contract vulnerability led to a loss of $0.716 million.
  • Orion Protocol – Another protocol hit by a contract vulnerability, this incident led to a loss of $0.616 million.
  • XBridge – The root cause of the exploit was the faulty implementation of a smart contract caused by a lack of regulated access control. This incident led to the loss of $0.82 million. 

Recommendations Made By Salus Security

Salus Security made several recommendations and strategic security measures to improve security further. 

  • Enhanced Monitoring Systems – These systems can detect suspicious activities in real time and respond to them promptly. 
  • Regular Security Audits – A comprehensive audit of smart contracts and access control mechanisms to help identify and mitigate any security vulnerability. 
  • Best Practices For Smart Contract Development – Encourage projects and developers to adopt secure coding standards and testing protocols. 
  • Awareness Programs – Regular community awareness programs to educate users and developers about security best practices. 

In Closing 

Salus Security’s Q2 2024 security report marks a significant moment in the ongoing enhancement of blockchain security. It highlights the effectiveness of BNB Chain’s security measures and the community’s commitment to blockchain security. While there were notable incidents, the number of incidents and losses was significantly reduced compared to the previous quarter. This reduction is a testament to the resilience, security, and proactiveness of the BNB Chain team and its community.