{"id":59720,"date":"2025-11-21T14:01:34","date_gmt":"2025-11-21T14:01:34","guid":{"rendered":"https:\/\/dogewisperer.com\/?p=59720"},"modified":"2025-11-21T14:01:34","modified_gmt":"2025-11-21T14:01:34","slug":"3-1-million-vanishes-the-gana-payment-attack-no-one-saw-coming","status":"publish","type":"post","link":"https:\/\/dogewisperer.com\/?p=59720","title":{"rendered":"$3.1 Million Vanishes: The GANA Payment Attack No One Saw Coming"},"content":{"rendered":"
\n

GANA Payment, a project on BNB Smart Chain<\/a>, lost more than $3.1 million after an attacker gained control of key contract rights, reports have disclosed.<\/p>\n

The thief moved much of the haul through Tornado Cash<\/a> on both BSC and Ethereum<\/a>, while roughly $1 million remains idle on Ethereum addresses.<\/p>\n

How The Attack Unfolded<\/h2>\n

According to posts by blockchain researcher ZachXBT, the exploiter consolidated stolen assets at address 0x2e8***5c38 before sending 1,140 BNB \u2014 about $1.04 million \u2014 into Tornado Cash on BSC.<\/p>\n

\"\"<\/p>\n

The thief then bridged funds to Ethereum and pushed 346.8 ETH valued at approximately $1.05 million through the same mixer.<\/p>\n

\n

According to Zach (@zachxbt<\/a>), the GANA Payment\u2019 project was exploited for over $3.1M on BSC earlier today.<\/p>\n

The attacker first sent 1,140 $BNB<\/a> ($1.04M) into Tornado Cash on BSC, then bridged the stolen funds to #Ethereum<\/a> and deposited another 346 $ETH<\/a> ($1.05M) into Tornado.<\/p>\n

The\u2026 pic.twitter.com\/q7DL8Mdpzf<\/a><\/p>\n

\u2014 Onchain Lens (@OnchainLens) November 20, 2025<\/a><\/p>\n<\/blockquote>\n

About 346 ETH, close to $1.05 million at the time, sits untouched at address 0x7a503***b3cca. Based on reports from security firm HashDit, the breach began when ownership of a GANA<\/a> contract was changed without permission, giving the attacker admin-level control over staking logic.<\/p>\n

\n

GANA Urgent Announcement<\/p>\n

GANA\u2019s interaction contract has been targeted by an external attack, resulting in unauthorized asset theft. Our technical team, together with an independent third-party security firm, has initiated an emergency investigation to analyze the attack vector,\u2026<\/p>\n

\u2014 GANA Payment (@GANA_PayFi) November 20, 2025<\/a><\/p>\n<\/blockquote>\n

HashDit\u2019s analysis shows that whoever took control could call unstake routines and force the system to release far more GANA tokens than it should have.<\/p>\n

Those excess tokens were quickly sold off for more liquid assets and then routed into privacy tools. This is a familiar script: manipulate permissions, mint or extract tokens, convert into stable or liquid crypto, then launder.<\/p>\n

<\/p>\n

Who Spotted It And What Happened Next<\/h2>\n

ZachXBT flagged the suspicious moves on his Telegram channel. HashDit then dug into the contract and identified the altered ownership as the trigger.<\/p>\n

GANA\u2019s team posted an emergency notice acknowledging unauthorized activity on their interaction contract and said they brought in an outside security firm to investigate.<\/p>\n

The project said it will map user addresses and permissions as part of a planned reboot and will publish recovery steps and timelines through official channels.<\/p>\n

\n

\"\ud83d\udea8\"HashDit Alert\"\ud83d\udea8\"<\/p>\n

HashDit has monitored that @GANA_PayFi<\/a> has been compromised for ~$3.1m $GANA<\/a>.<\/p>\n

Users should NOT trade with the $GANA<\/a> token for the time being, and await for team announcement!<\/p>\n

Funds have been deposited into TC: https:\/\/t.co\/rtdjnMvYpI<\/a><\/p>\n

Root cause: Ownership of\u2026 pic.twitter.com\/XZzuoMmf8D<\/a><\/p>\n

\u2014 HashDit | now with Pro Extension (@HashDit) November 20, 2025<\/a><\/p>\n<\/blockquote>\n

Featured image from Pexels, chart from TradingView<\/em><\/p>\n<\/div>\n","protected":false},"excerpt":{"rendered":"

GANA Payment, a project on BNB Smart Chain, lost more than $3.1 million after an attacker gained control of key contract rights, reports have disclosed. The thief moved much of the haul through Tornado Cash on both BSC and Ethereum, while roughly $1 million remains idle on Ethereum addresses. How The Attack Unfolded According to […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"iawp_total_views":0,"footnotes":""},"categories":[2],"tags":[3,4,5],"class_list":["post-59720","post","type-post","status-publish","format-standard","hentry","category-news","tag-crypto","tag-doge","tag-news"],"_links":{"self":[{"href":"https:\/\/dogewisperer.com\/index.php?rest_route=\/wp\/v2\/posts\/59720","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/dogewisperer.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/dogewisperer.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/dogewisperer.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/dogewisperer.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=59720"}],"version-history":[{"count":0,"href":"https:\/\/dogewisperer.com\/index.php?rest_route=\/wp\/v2\/posts\/59720\/revisions"}],"wp:attachment":[{"href":"https:\/\/dogewisperer.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=59720"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/dogewisperer.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=59720"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/dogewisperer.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=59720"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}