BNB Chain hacks in 2025

Likely private-key theft gave attackers control of GANA Payment's BSC contract; they manipulated reward rates and drained $3.1M via the unstake function.

GriffinAI, an AI-agent crypto project, lost ~$3M after a bridge/mint flaw let an attacker mint unbacked GAIN tokens and dump them, collapsing the price.

~$2M rug-pulled from New Gold Protocol, a 'gold-backed' BNB Chain yield project whose privileged contract authority drained deposits before the team vanished.

A flaw in Credix Finance's credit-token minting logic on BNB Chain let an attacker mint and redeem against fabricated positions, draining $4.5M from the pool.

$90M+ drained from Iran's largest exchange by Predatory Sparrow, then burned to addresses tagged with anti-IRGC messages — a destruction-not-profit hack.

Access-control flaw drained $3.76M from Nervos's Force Bridge on Ethereum and BNB Chain; loot was swapped to ETH and routed via Tornado Cash and FixedFloat.

$2.15M drained from MobiusDAO on BNB Chain after a double 10^18 scaling let the attacker mint 9.73 quadrillion MBU from 0.01 BNB; laundered via Tornado Cash.

$7.5M extracted from KiloEX perps on Base, opBNB and BSC after the MinimalForwarder skipped signature checks; positions opened at $100, closed at $10,000.

~$73M drained from Phemex hot wallets across 16 blockchains in a coordinated sweep — the first major exchange hack of 2025, with TTPs consistent with Lazarus.