Cyber Incident Victim: pNetwork

On September 19, 2021, decentralized finance protocol pNetwork suffered a security breach resulting in the theft of 277 Bitcoin (valued over $12 million) from its Binance Smart Chain (BSC) bridge. The attacker exploited a vulnerability within pNetwork’s codebase to steal wrapped Bitcoin (pBTC) collateral specifically on the BSC bridge. pNetwork publicly disclosed the incident via Twitter, confirming the attack targeted only the BSC bridge while emphasizing that all other blockchain bridges supported by the platform—including Ethereum, xDAI, EOS, Polygon, Telos, and Ultra—remained unaffected and secure. The theft represented one of several major cross-chain bridge exploits in 2021, occurring shortly after the record-breaking $610 million Poly Network hack in August.

In response, pNetwork immediately initiated an investigation and promised a detailed post-mortem report. The platform offered the attacker a $1.5 million bounty (equivalent to 12.5% of the stolen funds) in exchange for returning the assets, framing the proposal as an effort to support the broader DeFi ecosystem’s growth. Concurrently, pNetwork prioritized security reviews over operational speed, conducting extensive audits of all bridges to identify similar vulnerabilities. By September 20, the platform restored its Telos and EOS bridges with additional security measures temporarily enforced during the initial reactivation phase. pNetwork committed to gradual reactivation of remaining bridges pending further security assessments, with plans to share comprehensive incident analysis and subsequent updates. The financial impact was confined to the BSC bridge’s collateral, with no evidence of broader fund compromise across the network.