GANA Payment, a payments-focused crypto project on BNB Chain, has been hit by a major exploit that drained more than $3.1 million from its contracts. The incident, flagged by blockchain investigator ZachXBT, is another reminder of how quickly funds can vanish across chains when vulnerabilities meet determined attackers.
Hacker Moves Fast With Stolen Funds
The exploit unfolded within hours, and the attacker moved rapidly to disperse the stolen assets. According to ZachXBT’s on-chain analysis, the hacker first consolidated the funds into a single wallet before beginning the laundering process. They then sent 1,140 BNB—worth roughly $1.04 million—into Tornado Cash on BNB Chain to obscure the trail.
Tornado Cash, a widely used crypto mixer, often helps obscure transaction trails by pooling deposits with large liquidity reserves. By routing stolen funds through it, the GANA Payment attacker made tracking significantly more difficult. The hacker then bridged part of the haul to Ethereum and deposited 346.8 ETH — about $1.05 million — into Tornado Cash again, continuing the cross-chain laundering strategy. Another 346 ETH, valued at roughly $1.046 million, currently remains untouched in the attacker’s Ethereum wallet.
On-Chain Details Show a Cleanly Executed Attack
BscScan logs reveal seven outgoing transactions from the primary attacker address, including multiple transfers of BUSD-T and small amounts of BNB — with fees so low they were barely noticeable. The address now holds less than 0.01 BNB after distributing or mixing nearly all stolen assets.
On Ethereum, the attacker’s wallet still contains more than 346 ETH. Since receiving the bridged funds, the address has shown only a single notable action: an approval transaction for USDT. With no major outflows yet, the attacker appears to be waiting for the right moment to move the remaining balance. Each bridge, approval, and mixer deposit further complicates investigators’ efforts to freeze or recover funds.
Community Reacts as Security Concerns Grow
For many users, the GANA Payment exploit amplifies long-standing fears around protocol security — especially among smaller or less-established projects. While networks like BNB Chain and Ethereum offer robust infrastructure, vulnerabilities within individual protocols can still lead to major losses.
Security analysts are urging GANA Payment to publish a full post-mortem quickly, halt any compromised contracts, notify users, and coordinate with exchanges to flag suspicious activity.
What Comes Next?
The attacker still controls more than $1 million in unlaundered ETH. Whether they move it next or let it sit remains unclear. Recovery remains unlikely, though investigators continue monitoring the wallets closely.
For the broader crypto community, the incident is another reminder of the need for rigorous audits and safer contract design. In a market where funds can move in seconds, prevention is still the only real defense.
