Updated · Apr 19, 2022
This page may contain links to our partners’ products and services, which allows us to keep our website sustainable. Тechjury.net may receive a compensation when you sign up and / or purchase a product or a service using our links. As an Amazon Associate we earn commissions from qualified purchases. This comes at no extra cost to you. On the contrary, these partnerships often allow us to give you discounts and lower prices. However, all opinions expressed on our site are solely ours, and this content is in no way provided or influenced by any of our partners.
The attacker took advantage of a loophole to breach the protocol.
Credit-based stablecoin protocol Beanstalk fell victim to hackers exploiting its system leading to the loss of all its collateral. The protocol lost an estimated total of $182 million worth of cryptocurrency assets.
Peckshield, a reputable blockchain security firm, announced the hack:
“The BeanstalkFarms was exploited in a flurry of txs leading to the gain of $80 million+ for the hacker (The protocol loss may be larger), including 24,830 ETH and 36 million BEAN.”
BEAN is the protocol’s native token.
Peckshield added that its “initial analysis” shows a loss of $182 million. The firm went on to give a breakdown of the exploited digital assets:
On Monday, Beanstalk made an offer to the cybercriminal. It offered to let go of 10% of the exploited bounty for a return of the rest of the loot.
If you will return 90% of the withdrawn funds to the Beanstalk Farms multi-sig wallet 0x21DE18B6A8f78eDe6D16C50A167f6B222DC08DF7, Beanstalk will treat the remaining 10% as a Whitehat bounty properly payable to you.
— Beanstalk Farms (@BeanstalkFarms) April 18, 2022
The hacker responsible seeded the protocol with governance proposals requesting donations for Ukraine. Like many other DeFi projects, Beanstalk’s governance allows its users to vote on code changes. The extent of voting rights aligns with the value of tokens that a user owns.
Armed with this knowledge, the hacker took out a flash loan, a short-term credit facility that lets people borrow huge amounts of crypto. After borrowing nearly $1 billion dollars in DAI, USDC, and USDT, they took over 67% of the governance and approved their proposals.
The hacker funneled the stolen funds through Tornado Cash, a transaction privacy protocol. The platform was used in the same way by those behind the $625 million hack of Axie Infinity bridge Ronin.
Daniel Attoe
Daniel is an Economics grad who fell in love with tech. His love for books and reading pushed him into picking up the pen - and keyboard. Also a data analyst, he's taking that leap into data science and machine learning. When not writing or studying, chances are that you'll catch him watching football or face-deep in an epic fantasy novel.
Latest from Author
Your email address will not be published.
Updated · Sep 29, 2022
Updated · Sep 29, 2022
Updated · Sep 28, 2022
Updated · Sep 28, 2022
