GANA Payment Exploited for $3.1M, Hacker Laundered via Tornado

GANA Payment, a payments focused crypto project operating on the BNB Chain. It has been hit by a major exploit. That drained more than $3.1 million from its contracts. The attack is flagged by blockchain investigator ZachXBT. It is the latest reminder of how quickly funds can disappear across chains. When vulnerabilities meet determined attackers.

Hacker Moves Fast With Stolen Funds

The GANA Payment exploit occurred within hours. The attacker wasted no time dispersing the stolen assets. According to ZachXBT’s on-chain analysis, the attacker first consolidated the stolen funds into a single address. Then began the laundering process. The attacker deposited 1,140 BNB worth roughly $1.04 million into Tornado Cash on the BNB Chain. 

Tornado Cash is a popular crypto mixer. It is often used to obscure transaction trails by blending deposited assets with large liquidity pools. This step made the stolen funds significantly harder to track. Next, the attacker bridged a portion of the funds to Ethereum. Once on Ethereum , they deposited 346.8 ETH around $1.05 million into Tornado Cash again. Continuing the laundering strategy across chains. Despite this activity, an additional 346 ETH is valued at roughly $1.046 million. Currently sits untouched in the attacker’s Ethereum wallet.

On-Chain Details Reveal a Clean Execution

Transaction logs on BscScan show seven outgoing transactions from the primary attacker address. These movements include multiple transfers of BUSD-T and small amounts of BNB. With fees so low they barely registered. The address now holds less than 0.01 BNB, essentially drained after distributing or mixing the stolen funds. On Ethereum, the GANA Payment attacker’s wallet holds more than 346 ETH. The address shows only one major interaction since receiving the bridged funds. 

An approval transaction for USDT. No major outflows have occurred yet. This suggests the attacker may be waiting for the right moment to move the remaining balance. These findings highlight how quickly attackers adapt and spread stolen assets across multiple networks. Each bridge, approval and mixer deposit makes it harder and harder for investigators to freeze or recover funds.

Community Reacts as Security Questions Rise

For many users, the GANA Payment exploit reinforces ongoing fears about protocol security. Especially for smaller or less established projects. While major chains like BNB Chain and Ethereum offer strong infrastructure. The vulnerabilities within individual projects can lead to massive losses. Security analysts have urged GANA Payment to release a detailed post-mortem as soon as possible. They also recommend halting any affected contracts, notifying users and coordinating with exchanges to flag suspicious wallet activity.

What Happens Next?

Currently, the attacker still controls more than a million dollars in unlaundered ETH. Whether that amount moves next, or simply sits dormant, remains unclear. Recovery appears unlikely, but investigators continue to monitor the attacker’s wallets for new activity. For the broader crypto community, the GANA Payment exploit is yet another push to prioritize real security audits and smarter contract design. In a space where money moves fast, prevention remains the only real defense.