$590M BNB moved to Tether-blacklisted wallet amid rumors of Binance hack

Two million BNB tokens worth roughly $590 million were transferred to a newly generated wallet to an address that Tether then blacklisted. The blacklisting was highlighted by a Tether bot on Twitter, fueling the rumor of one of the year’s biggest hacks.

[2022/10/06 21:24] USDT blacklisted 0x489a8756c18c0b8b24ec2a2b9ff3d4d447f79bec in block 15691728 https://t.co/qhyr8eHU84

— usdt blacklist (@usdtblacklist) October 6, 2022

MevRefund publicized the event on Twitter by posting a suspicious transaction that included 1 million BNB, claiming there may be a hack in progress. The rumor of the trade being related to some form of hack is, as yet, unconfirmed. However, the receiving wallet, “0x489A…7F79BEc,” being blacklisted by Tether suggests something malicious may be in progress.

Looks like an enormous hack for 2M BNB

Here’s one tx: https://t.co/yeRYhy2PzC

— MevRefund (@MevRefund) October 6, 2022

MevRefund confirmed the blacklisting via on-chain data in a later tweet.

Hack’s looking a lot more likely: pic.twitter.com/JB1upZ9Ad0

— MevRefund (@MevRefund) October 6, 2022

At the time of press, CZ, the CEO of Binance, has not commented on the transaction. His last tweet was made an hour before the information became public knowledge and stated, “it’s not about cash flow; it’s crypto flow.” Since the tweet, almost half a billion dollars of BNB has flowed through a now-blacklisted wallet.

Green Jeff on Twitter argued that the receiving wallet had bridged BNB tokens and subsequently made a leveraged DeFi play using the funds. CryptoSlate’s analysis also arrived at this conclusion as on-chain data shows a large deposit to Venus swapping tokens for stablecoins using the BNB as collateral.

Some gigawhale (possibly Binance) is making a massive on-chain leverage play in real-time.

Looks like a huge concentrated bet: Long $ETH vs stablecoins using $BNB collateral.https://t.co/5GFCv8AEzR

— GREEN JEFF (The Bread #9) (@jeffthedunker) October 6, 2022

Further analysis by Green Jeff, however, confirmed that the Tether blacklisting might suggest malicious activity. While Green Jeff commented that the “activity doesn’t really look like a hack,” he questioned why Tether would be moving faster than Binance. If this is related to some form of exploit, he further posited that Binance itself might be the victim.

Another theory is that the Ethereum held in the wallet may have been sent to Tornado Cash. However, only around 20% of the total wallet value has been converted to ETH.

Blacklisted by Tether. Really curious how they are getting in front before Binance. If hack, seems like Binance themselves was hacked?

Otherwise very big dark money sitting in BNB waiting to exit.

Perhaps the $ETH long is to tornado, ultimatelyhttps://t.co/ciOKRNp2jG

— GREEN JEFF (The Bread #9) (@jeffthedunker) October 6, 2022

The price of BNB fell sharply by 5% during the period when the wallet became active, giving up the gains it had made since the start of October.

There has been no confirmation that the event was the result of a hack or exploit. However, further analysis is required.

The BNB chain has now been paused, giving further indication of a malicious actor being at play.

.@BNBchain is currently under maintenance.

We will suspend all deposits and withdrawals via BNB chain temporarily until there are further updates.

We apologise for the inconvenience. Thank you for your patience!

— Binance (@binance) October 6, 2022

This is an evolving story; further information will be reported as it becomes available.