ZachXBT, an onchain investigator, claims that the GANA Payment project was attacked for over $3.1 million earlier on Wednesday. The attacker laundered the stolen money between Ethereum and BNB Smart Chain.

The majority of the stolen cryptocurrency was converted into BNB by hackers at the BSC address “0x2e8…e5c38.”  The first effort to break traceability was then made by depositing 1,140 BNB, or around $1.04 million, into Tornado Cash on BSC.

GANA Urgent Announcement

GANA’s interaction contract has been targeted by an external attack, resulting in unauthorized asset theft. Our technical team, together with an independent third-party security firm, has initiated an emergency investigation to analyze the attack vector,…

— GANA Payment (@GANA_PayFi) November 20, 2025

Bridge to Ethereum

According to ZachXTB, the exploiter transferred an extra 346.8 ETH, or around $1.05 million, into Tornado Cash after bridging the remaining assets to Ethereum.

The onchain investigator revealed via his official Telegram channel that an additional 346 ETH, valued at around $1.046 million, is presently inactive at the Ethereum address “0x7a5…b3cca.”

Also Read: Crypto Exchange Woo X Halts Withdrawals After $14 Million Cybersecurity Breach

Based on the BEP-20 GANA token, GANA Payment is a small payment token project on BSC.  With little technical documentation accessible to the general public, the concept mainly uses onchain liquidity pools and decentralised exchanges.

There are no official audits or comprehensive security resources available.  The underlying vulnerability’s specifics are yet unknown.

GANA price actions

Data shows GANA’s token tumbled by more than 91% following the incident.

The token is trading at $0.25480 at the time of writing and the global market cap is at $2.5 million.

Rising hacks in 2025

This year, the BNB Chain has seen an increasing number of mid-sized exploits. Smaller BSC-based projects lost more than $100 million in total in 2025, according to DefiLlama’s hacking tracking.

A number of examples, including the Future Protocol disaster, were caused by key compromise attacks, liquidity pool drains, and contract flaws.

One of the biggest DeFi attacks of 2025 occurred this month at Balancer, when wrapped ETH and other assets from numerous networks were stolen for several hours.  When the network’s engineers regained control, the losses had exceeded $116 million, compared to the $70 million that blockchain investigators had projected.

The multi-chain lending protocol Moonwell lost almost $1 million the next day as a result of faulty oracle data.  The attacker stole 295 ETH by borrowing and trading certain bundled ETH assets by taking advantage of price differences.

Tornado Cash is often the ultimate destination in today’s GANA Payment attack, which follows the same pattern observed in many of those cases: fast draining, consolidation, cross-chain bridging, and mixing.

Also Read: Monero $XMR Suffers 13% Price Drop After Qubic Mining Pool Executes Successful ‘51% Attack’ On Monero Network