BNB Chain hacks in 2022

Stolen Ankr developer key let an attacker mint 60 trillion aBNBc, which Helio accepted as collateral to lend out $16M of HAY before Binance froze $3M.

A flawed Merkle proof verification in BSC's native bridge let the attacker forge withdrawals for 2M BNB before validators paused the chain.

Transit Swap users with infinite approvals lost $21M when claimTokens failed to validate which token to call transferFrom on. 70% returned after on-chain talks.

Gym Network on BNB Chain lost $2.1M after a deposit function accepted a referrer signature without validating it, letting the attacker mint huge GYMNET rewards.

Fortress Protocol on BNB Chain lost $3M after the attacker manipulated FTS via a thin oracle and used a governance proposal to set arbitrary collateral factors.

DEUS DAO lost $13.4M after pricing DEI collateral from a Solidly DEI/USDC pool that a flash-loan attacker moved, borrowing out the lending reserves.

~$1.7M drained from Paraluni on BNB Chain after the deposit function accepted an unvalidated token with no reentrancy guard, letting a fake token re-enter.

A private-key compromise drained $10M from Dego Finance across Ethereum and BNB Chain, sweeping liquidity pools and user wallets with active token approvals.

Meter Passport bridge lost $4.4M when its deposit handler trusted a wrapped-token transfer amount that could be set without backing, minting bridged BNB/ETH.

An attacker tricked Qubit's BSC bridge into minting 77,162 qXETH ($185M nominal) without depositing any ETH, borrowing 206,809 BNB ($80M).