www.theblock.co
A series of combined attacks against infrastructure provider Ankr and stablecoin issuer Helio Protocol cost a total of $20 million, according to data security firm BlockSec's chain analysis.
The first attack was against a liquid token product managed by Ankri, resulting in over $5 million in damages. BlockSec and other analysts claimed that an unknown hacker exploited a vulnerability in Ankri's smart contract and mined trillions of aBNBc.
After the attacker minted these tokens, they sold and drained all their liquidity through decentralized exchanges on the BNB chain for over $5 million. Ankr acknowledged the exploit and added that it is working with hubs to block repositories from addresses linked to the attacker.
When a hacker sold a large amount of aBNBc on decentralized exchanges, the price of the aBNBc token dropped by more than 99%. This opened a space for new exploitation.
In this second case, someone acquired about 12.6 million aBNBc tokens for 300 BNB ($87,000), BlockSec found. The attacker then deposited the tokens in Helio Protocol, a stalcoin exchange based on the BNB chain, to exploit the funds.
An attacker was able to borrow $16 million in HAY stablecoin and only $87,000 in aBNBc collateral because the oracle system used by Helio Money did not update aBNBc prices after a rapid crash. The attacker traded his HAY stablecoin for $15 million of Binance USD (BUSD), resulting in massive damage to the protocol.
BlockSec announced that $15 million of the funds stolen in the second attack went to the crypto exchange Binance. According to Binance CEO Changpeng Zhao, 3 million dollars in funds have been captured so far.
🌐 source
Posting Komentar