DeFi protocol Ankr suffers exploit, Binance cleans up situation – Is a price drop for Ethereum to come?

  • The hacker exploited a bug in Ankr’s aBNBc smart contract which allowed him to mint six quadrillion aBNBc tokens.
  • Assessing the damage at around 5 million USD, Ankr has announced to compensate all the affected users.

Earlier today, DeFi protocol Ankr, also popular as the first ‘node-as-a-service’ platform, faced a massive exploit due to a bug in its code that allowed the hacker unlimited minting of its token aBNBc.

Blockchain analytics and security platform PeckShield was among the first to report the hack. They noted that the code behind Ankr’s aBNBc smart contract allowed any user to mint an unlimited amount of reward-bearing staking tokens without any need for verification. As a result, the attacker ended up minting six quadrillion aBNBc tokens.

After minting these massive amounts of aBNBc tokens, the hacker was successful in swapping 20 trillion tokens for BNB and further moving them to crypto mixer TornadoCash. Later, the attacker swapped these BNB tokens for a staggering 5 million USDC or $5 million. According to information by PeckShield, part of the looted digital assets were bridged via Celer and deBridgeGate.

With this, the hacker has completely drained the aBNBc liquidity pools of ApeSwap and PancakeSwap. With this, the price of aBNBc tokens, which has $300 by yesterday, has turned into dust.

Follow us for the latest crypto news!

Binance helps to probe the attack

Soon as the news of the Ankr protocol hack spread, crypto exchange Binance jumped in to offer help in probing the attack. Binance chief Changpeng Zhao informed the exchange to pause withdrawals a few hours ago. Besides, they have also frozen $3 million moved by the hacker to Binance. In his tweet earlier today, CZ wrote:

Possible hacks on Ankr and Hay. Initial analysis is developer private key was hacked, and the hacker updated the smart contract to a more malicious one. Binance paused withdrawals a few hrs ago. Also froze about $3m that hackers move to our CEX.

It was just recently that BNB Chain introduced a liquid staking feature via Ankr. This allowed users to earn interest by assigning their BNB tokens to the liquid staking contract and in return receive aBNBc.

The crypto exchange has also ensured that all Binance users aren’t affected by this chaos. “This is not an attack against #Binance, and your funds are SAFU on our exchange,” the exchange said.

Ankr to Purchase $5 Million Worth of BNB

Ankr has swept in to do the damage control after assessing the actual loss. The protocol has also decided to compensate all the affected users. It said:

Subscribe to our daily newsletter!

          No spam, no lies, only insights. You can unsubscribe at any time.

Ankr will purchase 5m worth of BNB and use this to compensate in totality the liquidity providers that have been affected by the exploit due to the drainage of the liquidity pool. We will take a snapshot and reissue ankrBNB to all valid aBNBc holders before the exploit. The ankrBNB token will continue to be redeemable, while aBNBc and aBNBb will no longer be redeemable.

Crypto News Flash does not endorse and is not responsible for or liable for any content, accuracy, quality, advertising, products, or other materials on this page. Readers should do their own research before taking any actions related to cryptocurrencies. Crypto News Flash is not responsible, directly or indirectly, for any damage or loss caused or alleged to be caused by or in connection with the use of or reliance on any content, goods, or services mentioned.

About Author

Bhushan is a FinTech enthusiast and holds a good flair for understanding financial markets. His interest in economics and finance draw his attention towards the new emerging Blockchain Technology and Cryptocurrency markets. He is continuously in a learning process and keeps himself motivated by sharing his acquired knowledge. In his free time, he reads thriller fictions novels and sometimes explores his culinary skills.

Comments are closed.