Qubit Finance defi protocol got attacked and exploited for $80 million and this attack is the seventh biggest by the amount of stolen funds as the data shows so let’s read more about it in today’s latest cryptocurrency news.
Binance Smart Chain-based Qubit Finance DEFI protocol was exploited for over $80 million by attackers according to the announcement the developers made:
“The hacker minted unlimited xETH to borrow on BSC. The team is currently working with security and network partners on next steps.”
Incident Analysis
The hacker called `deposit()` in the QBridge #eth contract w/o really making any deposit and emitted the Deposit event
The exploit was caused by `tokenAddress.safeTransferFrom` in QBridgeHandler.sol which didn't revert the tx when the tokenAddress is the 0x0. pic.twitter.com/jBpm2W3tUP
— CertiK Security Leaderboard (@CertiKCommunity) January 28, 2022
The addresses connected to the attack show 206,809 Binance coins got drained from the Qbridge protocol and now the assets are worth over $80 million at current prices according to the reports by PeckShield. DeFi projects like Qubit Finance rely on smart contracts rather than the third parties to offer financial services like lending, trading, borrowing, and more to the users. Qubit allows users to supply their crypto holdings to the protocol and to borrow loans against the collateral for a fixed fee. Qbridge is a cross-chain feature that enables the users to collateralize the assets on other networks without having to move the assets from one chain to another.
PeckShield that audited Qubit’s smart contract explained that Qbridge was hacked to mint a huge amount of xETH collateral which was later used to drain the BNB tokens held at QBridge. In an incident report, the security company Certik said the attacker used a deposit function in the Qbridge contract and mined 77,162 qXETH whcih represents ether bridge via Qubit. The attackers tricked the protocol to show that they deposited funds without having to make an actual deposit. The steps were repeated a few times and the attacker then converted the assets to BNB.
The protocol was exploited by;
0xd01ae1a708614948b2b5e0b7ab5be6afa01325c7
The hacker minted unlimited xETH to borrow on BSC.
The team is currently working with security and network partners on next steps.
We will share further updates when available.— Qubit Finance (@QubitFin) January 28, 2022
The exploit is the seventh biggest attack on a Defi protocol according to the funds stolen as the data from Defi Yield shows. Qubit’s QBT is down 25% in the past day and most of the fall occurred after this morning’s incident that was made public.
buy amoxicillin generic buy amoxicillin online no prescription
The developers continue to monitor the situation.
As recently reported, Three hackers drained about $1.9 million worth of Ether according to MultiChain but the co-founder of ZenGo Tal Be’Ery estimated that the total stolen amount crossed $3 million. One of the hackers swiped $1.43 million from the users that didn’t update their approvals and another hacker even offered to return 80% and kept the $150,000 as a tip.
DC Forecasts is a leader in many crypto news categories, striving for the highest journalistic standards and abiding by a strict set of editorial policies. If you are interested to offer your expertise or contribute to our news website, feel free to contact us at [email protected]
Discussion about this post