Recommended

Crypto Deposit Make instant crypto transfers to your futures account
USDT-M Perpetual Futures Trade futures contracts settled in USDT
VIP Fee Discounts Enjoy different fee discounts based on your VIP level
Coin-M Perpetual Futures Trade futures contracts settled in cryptocurrency
Fiat Deposit Buy your favourite coins in seconds
Affiliates Invite friends & get rewarded
Convert Covert your crypto instantly
Support Centre Find our FAQs here
Announcements Find all our official announcements
BTCC Academy Learn about blockchain and crypto
News The latest trends in the crypto market

Promotions

Referral
Campaigns
Assets
Crypto Deposit
Fiat Deposit
Convert
Transfer
Withdraw
My vouchers
Fund history
Dashboard
Account Security
Identity verification
API Management
Transaction Report
Log out
register
BTCC / BTCC Square / CryptotimesIO /
GANA Payment Hit by $3.1M Exploit as Hacker Uses Tornado Cash

GANA Payment Hit by $3.1M Exploit as Hacker Uses Tornado Cash

Author:
CryptotimesIO
Published:
2025-11-20 05:54:05
12
3

Another day, another crypto heist—but this one's got regulators sweating bullets.

The $3.1 Million Vanishing Act

Tornado Cash strikes again, proving that privacy tools remain the Swiss Army knife for digital bandits. The mixer effectively laundered the entire haul while GANA's security team scrambled to plug the leak.

DeFi's Recurring Nightmare

Smart contracts? More like smart vulnerabilities when $3.1 million can disappear faster than a banker's conscience during bonus season. The exploit exposes the persistent gap between theoretical security and practical execution in decentralized finance.

Until projects start treating security audits like actual requirements rather than marketing checkboxes, these headlines will keep coming—much to the delight of anonymized wallet holders everywhere.

What is GANA payment?

GANA Payment is a BSC-based Web3 payment project that basically helps people send crypto quickly and lets merchants accept payments easily. While not a major name in the payments industry, it has an active niche user base within the BSC ecosystem.

How the attack was first detected

The exploit came to public attention when Vlamidir S shared that the project had been drained and that ZachXBT was already monitoring the on-chain activity. 

Zach, widely respected for his ability to trace stolen funds across multiple chains, began mapping the attacker’s movements as soon as unusual wallet activity appeared.

How the funds were moved

According to early findings, the attacker consolidated the stolen assets into a primary address: 0x2e8a8670b734e260cedbc6d5a05532264aae5c38

According to @zachxbt , the project 'GANA Payment' was exploited a few hours ago for ~$3.1M+ on BSC!

Theft consolidation
0x2e8a8670b734e260cedbc6d5a05532264aae5c38

The attacker deposited 1140 BNB ($1.04M) to Tornado on BSC and bridged funds to ethereum where another 346.8 ETH… pic.twitter.com/lUBy3s3GZW

— Vladimir S. | Officer's Notes (@officer_secret) November 20, 2025

From the main consolidation wallet, the attacker immediately began moving the stolen funds through laundering channels. The first step was sending 1,140 BNB, worth roughly $1.04 million, into Tornado Cash on Binance Smart Chain. 

Tornado Cash is often used in such incidents because it mixes deposits in large pools, making it difficult to trace where the funds originally came from.

After masking the trail on the BSC, the attacker shifted part of the loot to the Ethereum network. Once the assets landed there, another 346.8 ETH (around $1.05 million) was pushed through Tornado Cash again, repeating the same mixing strategy. 

Using mixers across multiple chains is a common tactic among exploiters, as it breaks the transaction path in several places and makes on-chain tracking far more complicated.

Funds still sitting idle

Even after all the mixing, a sizeable portion of the stolen money hasn’t moved at all. Investigators have pointed out that 346 ETH, valued at roughly $1.046 million, is still untouched at the address: 0x7a503e3ab9433ebf13afb4f7f1793c25733b3cca

Funds sitting idle like this usually suggest the attacker is waiting for the noise to slow down or searching for a new route to MOVE the assets without drawing attention.

What the GANA team has said

In response to the exploit, GANA Payment issued an urgent notice confirming that its interaction contract was compromised, allowing an external attacker to steal assets. 

The team stated that both their internal engineers and an independent security firm are now conducting an emergency investigation to understand how the breach occurred, identify weaknesses, and measure the full extent of the damage.

GANA Urgent Announcement

GANA’s interaction contract has been targeted by an external attack, resulting in unauthorized asset theft. Our technical team, together with an independent third-party security firm, has initiated an emergency investigation to analyze the attack vector,…

— GANA Payment (@GANA_PayFi) November 20, 2025

GANA said it will keep users updated through official channels as the investigation progresses. 

To move forward, GANA says it is preparing a full reboot of the project. Part of that process involves compiling a complete list of all user asset addresses and checking the permissions linked to them.

The team added that it will soon share a clear recovery plan with timelines and actionable steps, aiming to protect users and eventually restore all affected assets.

Also Read: Hacker Bypasses Sonic Labs Wallet Freeze, Moves 21M $S Token

    

Google News

Mobile Only Image

|Square

Get the BTCC app to start your crypto journey

Download on the App Store GEI IT ON Google Play

Get started today Scan to join our 100M+ users

Exchange for a better future

Products
Services
Guides
About Us
Terms & Agreement
Customer Service

Risk warning: Digital asset trading is an emerging industry with bright prospects, but it also comes with huge risks as it is a new market. The risk is especially high in leveraged trading since leverage magnifies profits and amplifies risks at the same time. Please make sure you have a thorough understanding of the industry, the leveraged trading models, and the rules of trading before opening a position. Additionally, we strongly recommend that you identify your risk tolerance and only accept the risks you are willing to take. All trading involves risks, so you must be cautious when entering the market.

The world’s longest-running cryptocurrency exchange since 2011 © 2011 - 2025 BTCC.com. All rights reserved

All articles reposted on this platform are sourced from public networks and are intended solely for the purpose of disseminating industry information. They do not represent any official stance of BTCC. All intellectual property rights belong to their original authors. If you believe any content infringes upon your rights or is suspected of copyright violation, please contact us at [email protected]. We will address the matter promptly and in accordance with applicable laws.BTCC makes no explicit or implied warranties regarding the accuracy, timeliness, or completeness of the republished information and assumes no direct or indirect liability for any consequences arising from reliance on such content. All materials are provided for industry research reference only and shall not be construed as investment, legal, or business advice. BTCC bears no legal responsibility for any actions taken based on the content provided herein.