GANA Hit By $3.1M Exploit As Investigators Track Stolen Funds
- GANA Payment lost over $3.1M in a fast exploit traced by investigator ZachXBT.
- The attacker moved stolen funds through BNB Chain, Ethereum, and Tornado Cash.
- GANA’s token crashed by over 90%, raising concerns about its security and oversight.
GANA Payment, a project on BNB Chain, suffered a major exploit that removed more than $3.1 million from its contracts. The incident was identified by blockchain investigator ZachXBT. The attack showed how quickly losses can occur once a contract vulnerability is exposed.
Hackers gathered the stolen funds at BSC address 0x2e8…e5c38. They swapped most of the assets into BNB before making their first attempt to blur the trail. The exploiter deposited 1,140 BNB, worth about $1.04 million, into Tornado Cash on BNB Chain. That move signaled the start of their laundering process.
Cross-Chain Movements and Dormant Ethereum Funds
Investigators tracked the remaining stolen assets as they moved off the BNB Chain. The exploiter bridged the funds to Ethereum. Once the transfer settled, the attacker deposited 346.8 ETH, valued at $1.05 million, into Tornado Cash. That deposit followed the same pattern as the BNB transfer and reduced the traceability of the movement.
Another set of funds remains untouched on Ethereum. The exploiter holds 346 ETH, worth around $1.046 million, at address 0x7a5…b3cca. The assets have not moved since the exploit. Monitoring efforts continue, but there have been no signs of new activity. This inactive balance adds uncertainty to the next steps.
GANA Payment operates through the BEP-20 GANA token. The project relies on decentralized exchanges and on-chain liquidity pools. Public documentation for the system is limited. No verified audits or technical reviews have been released.
Details of the exploited vulnerability remain unknown. The lack of information has increased concerns among observers and users following the incident.
GANA Token Crash and Rising Security Concerns
The token reacted sharply after the attack. Data from GeckoTerminal shows GANA dropped more than 91%. Liquidity pools experienced sharp imbalances as traders moved to exit positions.
The price decline reflected immediate loss of confidence. The project has not issued a complete technical explanation of the exploit. As of press time, GANA is valued at $0.2586 with a market capitalization of $2.58 million.
This event adds to a series of mid-sized attacks reported on BNB Chain during the year. DefiLlama data shows that smaller BSC projects have lost over $100 million in 2025. Several cases, such as the Future Protocol breach, resulted from contract flaws, liquidity drains, and compromised key events. Each case followed a fast flow of extraction and laundering across chains.
Related: Lazarus Group Targets Crypto Devs Using U.S. Companies
The GANA exploit followed the same structure seen in many earlier attacks. The sequence included contract draining, consolidation of assets, bridging to another chain, and mixing through Tornado Cash. The method aligns with trends noted by independent researchers. Attackers continue to rely on predictable paths to reduce detection.
Users affected by the exploit have raised concerns about project security. Smaller projects often lack strong review processes and documented safeguards. Major chains provide stable infrastructure, but individual projects still hold risks. Analysts have urged GANA Payment to halt affected contracts, alert users. It was also advised to begin coordinated communication with exchanges to monitor suspicious transfers.
The attacker still controls more than a million dollars in unlaundered ETH. It is unclear whether these assets will be moved or left inactive. Recovery appears unlikely due to the depth of mixing and cross-chain transfers.
Investigators continue to track movements in case new activity emerges. The incident highlights the need for thorough audits and stronger contract design for projects seeking long-term stability.
