

Attackers attacked DeFi protocol Ankr and released a huge amount of aBNBc tokens. The price of the synthetic asset used in staking collapsed to zero.
Our aBNB token has been exploited, and we are currently working with exchanges to immediately halt trading.
— Ankr (@ankr) December 2, 2022
The project team confirmed the incident and assured users that their funds are safe. She promised to reissue aBNBc and reimburse losses based on a snapshot of accounts.
Further instructions from the Ankr team:
1. Do not trade
2. Remove liquidity from DEXes if you are a liquidity provider (and keep the aBNBc)
3. Snapshot will be done and wait for additional news
4. Will do a reissuance of aBNBc— Ankr (@ankr) December 2, 2022
According to PeckShield specialists, the hacker made a profit in the amount of ~$15 million, borrowed assets in the HAY stablecoin as collateral from aBNBc through the Helio Protocol. The price of the “stable coin” pegged to the dollar fell by 61% at the moment.
#PeckShieldAlert 0x8d11F…217 is capitalizing off the $aBNBc exploit
10 $BNB -> 183,384.92 $aBNBc->$hBNB and staked them into Helio Protocol to lend ~$16M BHAY0 & exchanged them into $HAY
Profit: ~$15Mhttps://t.co/YLwhIENcL7$HAY has dropped -61% https://t.co/EKPrYojuHY pic.twitter.com/txTKY042sd— PeckShieldAlert (@PeckShieldAlert) December 2, 2022
Lookonchain experts determined that the attacker received about 4 million USDC and 5,000 BNB as a result of exchanges. He exchanged the latter mainly for a stablecoin from Center, and sent 900 BNB to the Tornado Cash mixer.
3.
He exchanged a total of 4,050,500 $USDC and 5,000 $BNB ($1.5M)
And he exchanged 4,500 $BNB for 1,293,087 $USDCand deposited 900 $BNB into https://t.co/11PfRBP2j2. pic.twitter.com/61OlF50YJS
— Lookonchain (@lookonchain) December 2, 2022
Binance stated that the hack did not affect users of the platform and that their funds are safe.
We are aware of the attack targeting @ankr‘s aBNBc token. Our team is engaged with the relevant parties and @BNBCHAIN to investigate further.
This is not an attack against #Binance, and your funds are SAFU on our exchange. This thread will be updated should there be any updates.
— Binance (@binance) December 2, 2022
A DeFi analyst under the pseudonym Ignas.lens noted that during the audit, PeckShield experts pointed out the vulnerability of the administrator’s key, which allows the privileged release of aBNBc. However, the team ignored the warning.
Another example that just having an audit doesn’t mean it’s safe.
Ankr received an Audit from Peckshield warning about ‘trust issue of Admin Keys’ which has privileged minting aBNB tokens.
The team ‘Confirmed’ the warning, but it seems they have not fixed it. https://t.co/ypMSepPco8 pic.twitter.com/KOKCkSTuQZ
— Ignas.lens | DeFi Research (@DefiIgnas) December 2, 2022
Against the background of the incident, the price of the synthetic asset based on BNB collapsed to zero, according to CoinGecko.
Let us remind you that in November the losses of cryptoprojects were hacked amounted to $391.6 million, calculated at PeckShield. Most of the amount was due to the theft of funds from the village bankrupt FTX ($340 million) and hacking of the Deribit hot wallet ($28 million).
Read bitcoin news ForkLog in our Telegram – cryptocurrency news, courses and analytics.
Found an error in the text? Select it and press CTRL+ENTER