Trading halts on Ankr due to exploit

Written by William Miller

Published on December 2, 2022


Key points: 

  • Ankr has confirmed that the aBNB token was exploited.
  • The attackers minted 20 trillion aBNBc. 
  • The attackers used Uniswap, Tornado Cash, and various bridges to swap and obfuscate funds for an estimated $5 million worth of USD.
  • Massive minting caused the price of aBNBc to drop 99.5 percent from $303.89 to $1.53 in a matter of hours. 
  • Binance is working to further investigate the matter, adding that Binance’s user funds are not at risk.

Ankr, a decentralized finance (DeFi) protocol based on the BNB chain, has confirmed that it was hit with a multi-million dollar attack on Dec. 2.

The attack appears to have been first spotted by on-chain security analyst PeckShield around 00:35 UTC on December 2.

Within an hour of the attack, Ankr confirmed on Twitter that the aBNB token had been exploited and that it was working with the exchange to immediately halt trading of the affected token.

The attackers were allegedly able to mint 20 trillion Ankr Reward Bearing Staked BNB (aBNBc), a reward-bearing token that represents BNB staked on the protocol.

The attackers have since used services such as Uniswap, Tornado Cash, and various bridges to swap and obfuscate funds for an estimated $5 million worth of USD token receipts, according to a Twitter post from on-chain analytics firm Lookonchain.

A subsequent post also added that "all underlying assets on Ankr Staking are currently safe and all infrastructure services are unaffected".

In a comment on the attack, blockchain security firm Beosin said the exploit could be the result of a vulnerability in the smart contract code combined with a leaked private key, which may have stemmed from a technical upgrade by the Ankr team about 12 hours earlier.

Beosin also noted that the massive minting caused the price of aBNBc to drop 99.5 percent from $303.89 to $1.53 in a matter of hours, according to CoinMarketCap.

A Beosin spokesperson said: “It is possible that the deployer’s private key was exposed in this upgrade, leading to an attacker using deployer privileges to modify the contract.”

In a Twitter post on Dec. 2, cryptocurrency exchange Binance confirmed that its team is working with interested parties to further investigate the matter, adding that Binance’s user funds are not at risk. The Twitter page for the BNB chain also stated that the wallet address of the exploiter had been blacklisted.
