Cyber Incident Victim: Bancor
Date:
Jul 2018
Location:
Israel
Summary
A cryptocurrency platform experienced a security breach, prompting a temporary shutdown to address the incident. The attacker stole approximately $12.5 million in ETH, $1 million in NPXS tokens, and attempted to transfer $10 million worth of BNT tokens, though the platform successfully froze the latter. No user wallets were compromised during the attack. The vulnerability was identified and remediated, with services expected to resume within 24 hours. The breach caused a 14% decline in the platform's native token value.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 2 techniques |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On July 9, 2018, token creation platform Bancor experienced a security breach that resulted in the theft of approximately $13.5 million worth of cryptocurrency. The incident prompted Bancor to take its platform offline, with the company stating no user wallets were compromised in the attack. According to Bancor's communications head Nate Hindman, attackers successfully transferred approximately 25,000 ETH (valued at $12.5 million) and nearly 230 million NPXS tokens (worth approximately $1 million) before the breach was contained. Bancor's security team managed to prevent the theft of an additional 2.5 million BNT tokens worth $10 million by utilizing a protocol-level freezing function specifically designed for such emergencies. The company immediately initiated maintenance mode to investigate the breach and prevent further unauthorized transactions, while promising detailed public updates through Telegram and Twitter channels.
Bancor confirmed it had identified and patched the vulnerability responsible for the breach within hours of detection. The platform's built-in token freezing capability, described as an emergency measure for extreme situations, allowed recovery of the stolen BNT tokens directly from the attacker's wallet. This security feature limited damage to Bancor's proprietary ecosystem but couldn't prevent losses of other cryptocurrencies. The incident caused Bancor's native BNT token price to drop approximately 14% within 24 hours, reducing its value to $2.73 according to CoinMarketCap data. Bancor anticipated restoring full platform functionality within 24 hours of the breach while continuing investigation into the attack vectors. The security incident occurred just over a year after Bancor's record-setting $153 million initial coin offering, which at the time represented the largest token sale before being surpassed by Telegram and EOS. No evidence suggested user-controlled wallets were accessed during the breach, with all stolen assets originating from Bancor's own operational addresses.