$3.1 Million Vanishes: The GANA Payment Attack No One Saw Coming
GANA Payment, a mission on BNB Smart Chain, misplaced greater than $3.1 million after an attacker gained management of key contract rights, experiences have disclosed.
The thief moved a lot of the haul by means of Tornado Cash on each BSC and Ethereum, whereas roughly $1 million stays idle on Ethereum addresses.
How The Attack Unfolded
According to posts by blockchain researcher ZachXBT, the exploiter consolidated stolen belongings at handle 0x2e8***5c38 earlier than sending 1,140 BNB — about $1.04 million — into Tornado Cash on BSC.
The thief then bridged funds to Ethereum and pushed 346.8 ETH valued at roughly $1.05 million by means of the identical mixer.
According to Zach (@zachxbt), the GANA Payment’ mission was exploited for over $3.1M on BSC earlier at present.
The attacker first despatched 1,140 $BNB ($1.04M) into Tornado Cash on BSC, then bridged the stolen funds to #Ethereum and deposited one other 346 $ETH ($1.05M) into Tornado.
The… pic.twitter.com/q7DL8Mdpzf
— Onchain Lens (@OnchainLens) November 20, 2025
About 346 ETH, near $1.05 million on the time, sits untouched at handle 0x7a503***b3cca. Based on experiences from safety agency HashDit, the breach started when possession of a GANA contract was modified with out permission, giving the attacker admin-level management over staking logic.
GANA Urgent Announcement
GANA’s interplay contract has been focused by an exterior assault, leading to unauthorized asset theft. Our technical crew, along with an impartial third-party safety agency, has initiated an emergency investigation to investigate the assault vector,…
— GANA Payment (@GANA_PayFi) November 20, 2025
HashDit’s evaluation reveals that whoever took management may name unstake routines and pressure the system to launch much more GANA tokens than it ought to have.
Those extra tokens have been shortly offered off for extra liquid belongings after which routed into privateness instruments. This is a well-recognized script: manipulate permissions, mint or extract tokens, convert into steady or liquid crypto, then launder.
Who Spotted It And What Happened Next
ZachXBT flagged the suspicious strikes on his Telegram channel. HashDit then dug into the contract and recognized the altered possession because the set off.
GANA’s crew posted an emergency discover acknowledging unauthorized exercise on their interplay contract and mentioned they introduced in an out of doors safety agency to analyze.
The mission mentioned it would map person addresses and permissions as a part of a deliberate reboot and can publish restoration steps and timelines by means of official channels.
HashDit Alert
HashDit has monitored that @GANA_PayFi has been compromised for ~$3.1m $GANA.
Users ought to NOT commerce with the $GANA token in the interim, and await for crew announcement!
Funds have been deposited into TC: https://t.co/rtdjnMvYpI
Root trigger: Ownership of… pic.twitter.com/XZzuoMmf8D
— HashDit | now with Pro Extension (@HashDit) November 20, 2025
Featured picture from Pexels, chart from TradingView
