Alex Labs Stops $3.9M in Exploited Funds Sent to CEXs After Hack
According to the group's May 16 social media post, Bitcoin Layer-2 developer Alex Labs has successfully frozen over $3.9 million worth of crypto exploited from the BNB Smart Chain bridge. According to the post, the attacker sent the money to several different central exchanges (CEXs), which allowed them to freeze through the cooperation of the exchanges.
The group said it has “returned full balances for 17 different tokens, including all aBTC, sUSDT, xBTC, xUSD, ALEX, atALEX, LiSTX, LUNR, SKO, CHAX, $B20, ORDG, ORMM, ORNJ, TRIO, TX20 and STXS.” .
$13.7 million worth of Stack (STX) tokens were also used. Of these, the attacker made a mistake by sending “about 3 million” to central exchanges. The post links to a spreadsheet showing STX balances on each exchange that the hacker used to transfer funds. A total of $3.7 million was found on exchanges, while $9.6 million was held in wallets under the attacker's direct control.
The attacker took the money by manipulating a private key to access one of the “safes” on the bridge. However, “the smart contract code and infrastructure on ALEX was not compromised,” the team said.
RELATED: Alex Bridge on BNB Smart Chain Drains $4.3M After Suspicious Update
Alex Labs promised the attacker a 10% bonus and no lawsuits if they returned 90% of the stolen money. They are also preparing a police report to be filed if the attacker does not agree to negotiate.
Since there is a possibility that not all funds will be returned, the team is “reviewing the $ALEX reserve held by the ALEX Lab Foundation.” These reserves can be used for a “treasury gift program” to compensate users who lost money in the attack.
A disproportionate amount of the money exploited consisted of STX tokens, so the group could propose a reform of the STX network that would freeze the rest of the money and stop new tokens being sent to victims.
Improving the network to stop attacker coins is unprecedented. It was done after the 2016 Ethereum DAO hack and pulled from the Popcorn Swap mat on the BNB Smart Chain. However, these modifications are rarely allowed. With PopcornSwap pulling the rug, the update blocked the money but didn't pay investors.
Alex Labs said it tracked the attacker's address and had “multiple alerts” in place to prevent the funds from flowing out.
Alex isn't the only Bitcoin layer-2 bridge that's been attacked recently. On May 17, the XLink bridge was also attacked, and $10 million was lost. In this case, a white hat hacker was able to get $4.3 million of the stolen money. In both cases, the XLink attack was almost identical to Alex, as the attacker used a phishing technique to obtain the group's private key.
