{"id":52425,"date":"2021-11-05T20:02:06","date_gmt":"2021-11-05T18:02:06","guid":{"rendered":"https:\/\/forklog.com\/en\/?p=52425"},"modified":"2025-09-03T10:08:47","modified_gmt":"2025-09-03T07:08:47","slug":"defi-platform-bzx-reports-hack-losses-estimated-at-55-million","status":"publish","type":"post","link":"https:\/\/u1f987.com\/en\/defi-platform-bzx-reports-hack-losses-estimated-at-55-million\/","title":{"rendered":"DeFi platform bZx reports hack; losses estimated at $55 million"},"content":{"rendered":"<p>On Friday, November 5, the developers of the DeFi platform bZx acknowledged the loss of funds following a hack.<\/p>\n<blockquote class=\"twitter-tweet\">\n<p lang=\"en\" dir=\"ltr\">An hour ago it appears that the private key controlling the Polygon and BSC deployments was compromised, leading to loss of funds. The Ethereum deployment is under DAO control and not impacted. We will provide further updates soon.<\/p>\n<p>\u2014 bZx \u2014 Fulcrum &#038; Torque (on ETH\/BSC\/Polygon) (@bZxHQ) <a href=\"https:\/\/twitter.com\/bZxHQ\/status\/1456603269355094021?ref_src=twsrc%5Etfw\">November 5, 2021<\/a><\/p><\/blockquote>\n<p> <script async=\"\" src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p>According to them, the private key controlling the deployment on Polygon and Binance Smart Chain was compromised.<\/p>\n<p>Audit firm SlowMist noted that the losses stand at $55 million. The funds are on seven addresses, presumably controlled by the hacker.<\/p>\n<blockquote class=\"twitter-tweet\">\n<p lang=\"en\" dir=\"ltr\"><a href=\"https:\/\/twitter.com\/hashtag\/bZx?src=hash&#038;ref_src=twsrc%5Etfw\">#bZx<\/a> private key compromised, over $55 million dollars stolen so far. We\u2019ll continue to update as more information is discovered. <a href=\"https:\/\/twitter.com\/RektHQ?ref_src=twsrc%5Etfw\">@RektHQ<\/a> <a href=\"https:\/\/twitter.com\/ChainNewscom?ref_src=twsrc%5Etfw\">@ChainNewscom<\/a> <a href=\"https:\/\/twitter.com\/bZxHQ?ref_src=twsrc%5Etfw\">@bZxHQ<\/a> <a href=\"https:\/\/t.co\/SM6WWDt06J\">https:\/\/t.co\/SM6WWDt06J<\/a> <a href=\"https:\/\/t.co\/39S05IiBFr\">pic.twitter.com\/39S05IiBFr<\/a><\/p>\n<p>\u2014 SlowMist (@SlowMist_Team) <a href=\"https:\/\/twitter.com\/SlowMist_Team\/status\/1456647033826123780?ref_src=twsrc%5Etfw\">November 5, 2021<\/a><\/p><\/blockquote>\n<p> <script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p>The project\u2019s developers stressed that the bZx smart contracts themselves were not compromised.<\/p>\n<blockquote class=\"twitter-tweet\">\n<p lang=\"en\" dir=\"ltr\">Important to note: the bZx smart contracts themselves were not compromised. This incident only impacted the Polygon and BSC deployments via a compromised key.<\/p>\n<p>\u2014 bZx \u2014 Fulcrum &#038; Torque (on ETH\/BSC\/Polygon) (@bZxHQ) <a href=\"https:\/\/twitter.com\/bZxHQ\/status\/1456621593816444931?ref_src=twsrc%5Etfw\">November 5, 2021<\/a><\/p><\/blockquote>\n<p> <script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<div class=\"wp-block-text-wrappers-update-2 article_update\"><time class=\"gtb_text-wrappers_update_time\">6 November 2021 | 12:34<\/time><span class=\"gtb_text-wrappers_update_head\">Update: <\/span><\/p>\n<p>The project team published the results of a preliminary investigation. According to them, the incident &#8220;was a phishing attack on a bZx developer&#8221;.<\/p>\n<blockquote class=\"twitter-tweet\">\n<p lang=\"en\" dir=\"ltr\">The incident today was NOT a protocol hack. It was a phishing attack on a bZx dev. <\/p>\n<p>bZx on Ethereum is not compromised, only BSC + Polygon. <\/p>\n<p>Our treasury is robust and our community will decide a compensation package. <\/p>\n<p>Investigation ongoing. Read more\ud83d\udc47<a href=\\\"https:\/\/t.co\/uLIO8K9QDZ\\\">https:\/\/t.co\/uLIO8K9QDZ<\/a><\/p>\n<p>\u2014 bZx \u2014 Fulcrum &#038; Torque (on ETH\/BSC\/Polygon) (@bZxHQ) <a href=\\\"https:\/\/twitter.com\/bZxHQ\/status\/1456749615521406978?ref_src=twsrc%5Etfw\\\">November 5, 2021<\/a><\/p><\/blockquote>\n<p> <script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p>\u00abbZx on Ethereum is not compromised, only BSC + Polygon\u00bb, the post states.<\/p>\n<\/blockquote>\n<p>Representatives indicated that the hacker emptied the BSC and Polygon protocols, after which the withdrawal contract was updated. The extent of the losses is being assessed.<\/p>\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p>\u00ab[\u2026] our community will decide on compensation\u00bb, the bZx team added.<\/p>\n<\/blockquote>\n<\/div>\n<p>In the last 24 hours, the platform\u2019s native token fell by 12%, according to <a href=\"https:\/\/www.coingecko.com\/\">CoinGecko<\/a>.<\/p>\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"580\" src=\"https:\/\/u1f987.com\/wp-content\/uploads\/BZRXUSDT_2021-11-05_19-48-40-1024x580.png\" alt=\"DeFi-\u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u0430 bZx \u0441\u043e\u043e\u0431\u0449\u0438\u043b\u0430 \u043e \u0432\u0437\u043b\u043e\u043c\u0435. \u0423\u0449\u0435\u0440\u0431 \u043e\u0446\u0435\u043d\u0438\u043b\u0438 \u0432 $55 \u043c\u043b\u043d\" class=\"wp-image-155286\" srcset=\"https:\/\/u1f987.com\/wp-content\/uploads\/BZRXUSDT_2021-11-05_19-48-40-1024x580.png 1024w, https:\/\/u1f987.com\/wp-content\/uploads\/BZRXUSDT_2021-11-05_19-48-40-300x170.png 300w, https:\/\/u1f987.com\/wp-content\/uploads\/BZRXUSDT_2021-11-05_19-48-40-768x435.png 768w, https:\/\/u1f987.com\/wp-content\/uploads\/BZRXUSDT_2021-11-05_19-48-40.png 1086w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><figcaption><meta charset=\"utf-8\">BZRX\/USDT chart on Binance. Data: <a href=\"https:\/\/ru.tradingview.com\/symbols\/BZRXUSDT\/\">TradingView<\/a>.<\/figcaption><\/figure>\n<p>In February 2020, an attacker withdrew 1193 ETH, about 2% of total assets, while the bZx team participated in the ETHDenver hackathon.<\/p>\n<p>Two days later, unknown parties attacked the platform again. The losses were estimated at 2388 ETH.<\/p>\n<p>In September, the hacker withdrew about $8 million. Later the developers said they had returned all stolen funds.<\/p>\n<p>Back in October 2021, the DeFi protocol Cream Finance was hacked again \u2014 the damage from the attack <a href=\"https:\/\/u1f987.com\/en\/news\/cream-finance-defi-protocol-hacked-again\">amounting to $130 million<\/a>.<\/p>\n<p>Subscribe to ForkLog news on <a href=\"https:\/\/www.facebook.com\/forklog\" target=\"_blank\" rel=\"nofollow noopener\">Facebook<\/a>!<\/p>\n","protected":false},"excerpt":{"rendered":"<p>On Friday, November 5, the developers of the DeFi platform bZx acknowledged the loss of funds due to a hack.<\/p>\n","protected":false},"author":1,"featured_media":52426,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"select":"1","news_style_id":"1","cryptorium_level":"","_short_excerpt_text":"","creation_source":"","_metatest_mainpost_news_update":false,"footnotes":""},"categories":[3],"tags":[1935,1154,1093],"class_list":["post-52425","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news-and-analysis","tag-bzx","tag-crimes","tag-defi"],"aioseo_notices":[],"amp_enabled":true,"views":"43","promo_type":"1","layout_type":"1","short_excerpt":"","is_update":"","_links":{"self":[{"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/posts\/52425","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/comments?post=52425"}],"version-history":[{"count":1,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/posts\/52425\/revisions"}],"predecessor-version":[{"id":52427,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/posts\/52425\/revisions\/52427"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/media\/52426"}],"wp:attachment":[{"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/media?parent=52425"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/categories?post=52425"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/tags?post=52425"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}