DeFi Editor's Picks

Ankr Defi Protocol Suffers a Multi-million Dollar Attack

Ankr Defi Protocol Suffers a Multi-million Dollar Attack

The BNB chain-based Ankr defi protocol has suffered a significant exploit as a result of a major bug in its code that allowed for limitless minting of its token. The team has already confirmed this on Twitter and stated that none of the infrastructure services was affected and that all staking assets remained secure.

The Ankr contract’s code, according to security analytics company PeckShield, reportedly permits any user to create an infinite number of the protocol’s reward-bearing staking tokens without verification. This made it possible for the attacker to issue six quadrillion aBNBc tokens.

The attacker was able to exchange 20 trillion of the aBNBc token for BNB after creating the quadrillions of aBNBc. According to a Twitter tweet from another on-chain analysis firm Lookonchain, the exploiter has subsequently swapped and obfuscated the funds using services like Uniswap, Tornado Cash, and different bridges to earn about $5 million in USD Coin (USDC).

The platform’s Ankr Reward Bearing Staked BNB (aBNBc) has dropped by more than 99% since the attack. According to Coinmarketcap data, the token has fallen from over $300 to just $1.5 in the last 24 hours, although with a trading volume of 14,138% at press time.

Ankr Defi Protocol Suffers a Multi-million Dollar Attack

Ankr Asks for Immediate Withdrawal Halting

The platform acknowledged the exploitation of the decentralized finance protocol while also confirming the exploitation of its Ankr Reward Bearing Staked BNB (aBNBc) coin.

They said they were currently working with exchanges to immediately stop trading. The CEO of Binance, CZ confirmed that his exchange had paused withdrawals and also froze about $3m that hackers moved to the platform.

“We are currently drafting a plan and we are committed to compensating affected users,” Ankr Tweeted.

The team, who also pledges to reissue the almost zeroed aBNBc, encourages users not to trade and, if they are liquidity providers, to remove liquidity from DEXes.

On the other hand, an opportunistic trader profited from the exploit and converted 10 BNB ($2,885) into 15.5 million BUSD. The trader achieved this by using Helio, a DeFi lending protocol, which did not have accurate pricing for aBNBc post-crash.

The trader was also able to borrow $16 million of the seldom traded HAY stablecoin and convert it into BUSD by using the pre-crash aBNBc price. This has knocked the HAY stablecoin off its peg, falling as low as 20 cents, but is presently recovering again, with a price of 63 cents, according to CoinMarketCap.

Related posts

Richard Teng’s First Words After Being Announced as the New CEO of Binance

jose

Can Binance Coin Flip Ethereum?

Steven Msoh

In several Russian regions legalize the use of cryptocurrencies

alfonso