Losing $80 million worth of BNB tokens in a recent hack, Qubit Finance joined the unfortunate list of exploited DeFi protocols on Binance Smart Chain (BSC).
The DeFi lending protocol reported the incident in a Twitter post, revealing that the malicious attacker exploited a vulnerability on the Qubit Bridge–a cross-chain bridge to Ethereum.
Kas atsitiko?
The Qubit team flagged the hacker’s address and published a detailed report which includes an analysis of the attack.
Protocol Exploit Report
This report includes an analysis of the attack in its entirety in order to ascertain the nature of the exploit and, to prevent any similar exploits in the future.https://t.co/0152W0X553– „Qubit Finance“ (@QubitFin) Sausis 28, 2022
QBridge enables users to deposit Šlapias from Ethereum mainnet to Qubit’s BSC-based smart contract, and mint xETH that can be used as collateral to borrow on BSC.
However, the attacker exploited the vulnerability and managed to mint unlimited xETH–without depositing WETH.
Using the minted xETH as collateral, the attacker drained 206,809 BNB from the lending protocol, worth roughly $80 million.
The Qubit team is continuing to monitor the affected assets, which, at the time of writing, haven’t moved from the flagged address.
Qubit attempts to contact the attacker
The exploited protocol also made attempts to contact the attacker.
In an on-chain message, the team offered a bounty of $250.000 in return for the stolen assets–the maximum amount set by Qubit’s ongoing bug bounty program.
[Our message to the exploiter]
The team is glad to have a conversation with you.https://t.co/4SxtuD6pQY pic.twitter.com/V9bICKvWda– „Qubit Finance“ (@QubitFin) Sausis 28, 2022
“We pursue you to negotiate directly with us before taking any further action. The exploit and loss of funds have a profound effect on thousands of real people,” wrote the protocol on Twitter–urging the attacker to cooperate.
“If the maximum bounty offer is not what you are looking for, we are open to having a conversation. Let’s figure out a solution,” the team added.
While the team continues cooperating with security and network partners, including Binance, the protocol disabled Supply, Redeem, Borrow, Repay, Bridge, and Bridge redemption functions until further notice.
According to DeFi Yield’s REKT Database, Qubit Finance exploit gretas as the seventh-largest attack by the amount stolen.
„CryptoSlate“ naujienlaiškis
Pateikiama svarbiausių kasdienių istorijų kriptovaliutų, DeFi, NFT ir kt. pasaulyje santrauka.
Gaukite kraštas kriptografinių rinkinių rinkoje
Pasiekite daugiau šifravimo įžvalgų ir konteksto kiekviename straipsnyje kaip mokamas narys „CryptoSlate Edge“.
Grandininė analizė
Kainos momentinės nuotraukos
Daugiau konteksto
Prisijunkite dabar ir gaukite 19 USD per mėnesį. Naršykite visus privalumus
Source: https://cryptoslate.com/defi-protocol-qubit-finance-exploited-for-80-million-in-a-recent-hack/