Blockchain Sleuth ZachXBT Flags $3.1M Exploit on GANA Payment via BNB Chain

20-Nov-2025 Crypto Economy

TL;DR:

  • GANA Payment lost over $3.1M in an exploit tracked by ZachXBT, with stolen funds swapped into BNB and funneled through Tornado Cash.
  • The attacker bridged assets to Ethereum, depositing more than 346 ETH into mixers while additional funds remain dormant in a separate wallet.
  • GANA’s token plunged over 90%, and the incident reflects a troubling pattern of mid-sized BNB Chain exploits fueled by weak audits and contract vulnerabilities.

The GANA Payment project is facing intense scrutiny after a new exploit drained more than $3.1 million in user funds, reinforcing lingering concerns about weak security practices across smaller BNB Chain networks. Analysts say the incident reflects a broader pattern of vulnerabilities, with investigators tracking the attacker’s rapid movements and highlighting the fragility of lightly audited onchain systems.

Growing Alarm as Stolen Funds Move Across Chains

The initial discovery came from onchain analyst ZachXBT, who reported that GANA Payment suffered a major breach in which hackers drained over $3.1 million in digital assets. According to his analysis, the attacker concentrated the stolen funds at a single BSC address and swiftly converted the bulk of the assets into BNB, setting the stage for additional laundering attempts.

GANA Payment lost over $3.1M in an exploit tracked by ZachXBT

From that wallet, the exploiter deposited 1,140 BNB — worth about $1.04 million — into Tornado Cash on BNB Smart Chain. ZachXBT explained that the remaining tokens were bridged to Ethereum, where the attacker continued the laundering process by depositing 346.8 ETH, valued near $1.05 million, into Tornado Cash.

On Ethereum, another 346 ETH, approximately $1.046 million, currently sits untouched in a separate wallet. Observers believe the funds are likely awaiting further obfuscation steps, indicating the attacker’s careful staging of assets and the expected reliance on mixing tools to evade tracing.

GANA Payment, built around a BEP-20 token model, operates mostly on decentralized exchanges and liquidity pools. The project lacks formal audits or detailed public documentation. As a result, critical questions about the vulnerability exploited remain unanswered, further amplifying uncertainty. Following the attack, GANA’s token price collapsed by over 90%, according to market data, reflecting shaken investor confidence and severe liquidity disruption.

The exploit also fits a broader trend on BNB Chain this year. Mid-sized attacks have surged, with smaller projects reportedly losing more than $100 million in 2025. Historical cases show recurring themes: contract flaws, liquidity pool drains, and compromised private keys. Today’s GANA hack follows the same familiar pattern — quick draining, cross-chain bridging, and usage of Tornado Cash — fueling concerns that systemic security gaps remain unresolved and malicious actors continue exploiting predictable weaknesses.

Also read: Fetch.ai Leads the Agent Economy as Digital Intelligence Expands Globally
Next
Author's Name
telegram Telegram Twitter Twitter Linkedin Linkedin Instagram Instagram
About Author Lorem ipsum dolor sit amet, consectetur adipiscing elit. Nunc fermentum lectus eget interdum varius. Curabitur ut nibh vel velit cursus molestie. Cras sed sagittis erat. Nullam id ante hendrerit, lobortis justo ac, fermentum neque. Mauris egestas maximus tortor. Nunc non neque a quam sollicitudin facilisis. Maecenas posuere turpis arcu, vel tempor ipsum tincidunt ut.
Read More Articles by Author
WHAT'S YOUR OPINION?
Related News