blank Skip to main content

Blockchain Vulnerabilities: Bancor Exchange Hack

Any lock can be picked, and blockchain technology isn’t completely free from its own security vulnerabilities. In 2018 we’ve already seen several major exchanges like Bancor hacked by criminals eager to get in on the Bitcoin hype. Since our team is especially passionate about cybersecurity and data protection, we pay special attention to this revolutionary technology. In this series, we talk about some of the recently found blockchain vulnerabilities and the ways they have or haven’t been handled by cybersecurity professionals.

This post is dedicated to the Bancor exchange hack that took place in July 2018. We try to give you a better understanding of the Bancor protocol and take a detailed look at the attack that initially cost the network $23 million. We also look at the countermeasures that were taken and new Bancor security issues that can still be exploited by hackers.

The attack on the Bancor network

On July 9, 2018, the Bancor network that specializes in decentralized exchanges experienced a major breach. One of the Bancor network’s accounts was compromised.

Attackers took control of a wallet that was later used to transfer approximately $23 million in cryptocurrencies, including ether, to a personal account. However, the Bancor team was able to mitigate some damage and recovered around $10 million worth of their own BNT tokens.

Сuriously, the attack targeted one of the key accounts in the Bancor network. Somehow, hackers managed to gain access to the victim’s private key. That key works pretty much like a password and is used for authorizing all transactions from the account.

While it’s still unknown how exactly the attackers acquired that key, there are several theories. It’s possible that there was was a breach in Bancor’s internal network that the attackers used to their advantage. Or they could have performed a phishing attack on one of the network developer’s computers.

To make this attack even more interesting, the compromised account is actually the original creator of the Bancor token contract. Usually, the contract’s creator is also its owner. This contract ownership model is a common development pattern used by many smart contracts on the Ethereum network.

A Bancor owner account works pretty much the same as an admin account on a computer: it has access to a number of critical and restricted functions that regular accounts don’t have access to.

Read also:
Blockchain Attack Vectors: Vulnerabilities of the Most Secure Technology

Luckily for Bancor, the compromised account was no longer an owner of any critical contract. Still, the account was actively used to upgrade some Bancor-related companion contracts. Naturally, every contract the hacked account had access to was drained of funds. In particular, the attackers drained:

  • The compromised account, stealing all ether from it
  • The network’s converter contracts, stealing ether (ETH), Pundi X tokens (NPXS), and Bancor tokens (BNT)
  • The network’s reserve accounts

According to the company’s official statement, initial losses from the Bancor security breach were as high as $23 million:

  • 5,000 ether (~ $12.5 million)
  • 3,200,000 BNT (~ $10 million)
  • 230,000,000 NPXS (~ $1 million)

Thanks to the Bancor team’s quick response, however, the hackers didn’t get all the money and managed to steal only about $13 million. But how did they manage to get access to one of the network’s accounts in the first place? We explain the possible mechanism behind the attack in the next section.

Following the trail

Apparently there was a weak spot in Bancor’s technology. However, a direct attack on the contract itself seems unlikely. There was no real vulnerability in any of Bancor’s smart contracts. What’s more, every smart contract on the network was thoroughly audited by third parties. You can find detailed information about this audit on GitHub.

So how did the attackers compromise one of the wallets and steal all that money?

In order to execute the Bancor hack, attackers called functions of several smart contracts in the network. The attackers simply initiated a Bancor exchange procedure and authorized transfers of tokens from the compromised contracts to their own accounts.

In particular, attackers called a BancorConverter contract function, withdrawTo, from the hacked account. The details of this transaction can be found here.

As a result of this transaction, all the funds from a helper contract were transferred to the attacker’s account. Now all they needed to do was perform one more transaction in order to withdraw the funds normally and take the stolen ether. Other tokens were stolen in a similar manner.

All of the stolen funds were sent to one account and then distributed to other wallets. Most of the tokens ended up in an exchange wallet. They must have been exchanged for other currencies by now, so at this point it’s pretty much impossible to track them. The stolen ether was frozen for over a month in this account.

Are Bancor’s countermeasures enough?

While Bancor’s team managed to get a hold of approximately $10 million worth of stolen BNT tokens, their response was a bit controversial. The BNT tokens are Bancor’s smart tokens that are mostly ordinary ERC20 coins. However, they have some additional control functions, such as:

  • Issuing tokens to arbitrary accounts
  • Destroying tokens from arbitrary accounts
  • Disabling transfers of any tokens

These functions can only be called by the contract’s owner. Thus, in extreme cases, Bancor can easily freeze and destroy stolen tokens. And this is exactly what they did following the July 2018 attack. In addition to freezing $10 million in BNT tokens, the company transferred ownership of any contracts from the hacked account to, hopefully, more secure owners.

Also, following the hack of the decentralized cryptocurrency exchange, Bancor decided to increase the security of their main contract by granting its ownership to a multi-signature contract. This measure ensures that no single account can get access to the whole network. To execute any owner-restricted action, a user would now need to acquire input from two out of four trusted accounts. You can find more information about multi-signature wallets here.

While at first glance this scheme seems to be pretty secure, it’s basically the biggest Bancor vulnerability. The very functions that helped save all of the stolen BNT tokens could be used to destroy the entire network. Just think about it: all that hackers need to do is get a hold of two out of four account keys. The security and well-being of the entire network rely on four pieces of data being hidden well enough. And all we can do is trust Bancor to keep their data safe and not abuse their own power. The good news is that this vulnerability is probably the only one left in the network.

Read also:
5 Security Tips for Writing Smart Contracts


The example of Bancor’s recent hack shows that every system has its weak spots and even a minor vulnerability can result in devastating losses when exploited by persistent hackers. It also proves that quick and well-thought-out countermeasures can lessen the consequences of any attack.

At Apriorit, we have vast expertise in cybersecurity and a dedicated team of professionals who are passionate about what they do. We’ll gladly assist you in improving data protection in your current projects and help you build a new solution using blockchain technology.

In our next post on blockchain vulnerabilities, read about vulnerable ERC20 tokens and how to avoid writing unsafe code.

Related services

Security Testing

Tell us about your project

Send us a request for proposal! We’ll get back to you with details and estimations.

By clicking Send you give consent to processing your data

Book an Exploratory Call

Do not have any specific task for us in mind but our skills seem interesting?

Get a quick Apriorit intro to better understand our team capabilities.

Book time slot

Contact us