Menu
Browse

bZx

Primary URL Location Industry
bzx[.]network
Country United States of America
Financial Services Icon
Financial Services
Profile

bZx, also known by its alias, is a decentralized finance platform headquartered in the United States of America. The organization provides blockchain-based financial services to users through its DeFi protocol. It operates under the bZx brand in the cryptocurrency ecosystem.

On November 5, 2021, bZx experienced a security breach that resulted in the theft of approximately fifty‑five million dollars in cryptocurrency. The attack began when a developer received a phishing email containing a malicious Word document macro. Opening the document executed the macro, which compromised the developer’s personal computer.

With access to the compromised machine, the attacker obtained private keys associated with bZx’s integrations on the Polygon and Binance Smart Chain networks. Using those keys, the attacker drained funds from the platform’s contracts and also extracted assets from users who had previously granted unlimited token spending approvals. The theft affected both the protocol’s own reserves and the holdings of its user base.

In response, bZx immediately disabled its user interface to prevent further deposits or withdrawals. The team then collaborated with various cryptocurrency exchanges to trace the movement of the stolen assets and sought to freeze them where possible. Publicly, the platform urged the perpetrator to engage in bounty negotiations for the return of the funds, following a pattern seen in other high‑profile DeFi incidents.

The incident remains one of the larger cryptocurrency thefts reported in the decentralized finance sector during 2021. It underscores the importance of securing developer environments and limiting token approvals in DeFi applications. bZx continues to operate under its alias while addressing the aftermath of the breach.

Incidents
Linked incidents available to members
1 incident