Decentralized Finance Protocol Ankr Faces Exploit
Ankr, a BNB Chain-powered decentralized finance (DeFi) system, has acknowledged that it was the victim of a multimillion-dollar hack on December 1. Ankr has announced that it is collaborating with cryptocurrency exchanges to immediately cease trade of its aBNBc coin, which is rewarded for staking BNB tokens. The exploit seemed to have been identified for the first time by on-chain security analyst PeckShield about 12:35 UTC on December 2.
In under an hour of the hack, Ankr acknowledged on Twitter that the aBNB coin has been breached and is collaborating with cryptocurrency exchanges to quickly suspend trade. According to reports, the hacker was able to create 20 trillion Ankr Reward Bearing Invested BNB (aBNBc) tokens, which are reward-bearing tokens for BNB staked on the network.
As per a tweet from on-chain research business Lookonchain, the hacker has subsequently utilized services like as Uniswap, Tornado Cash, and numerous bridges to switch and disguise the money in order to acquire about $5 million USD. Coin Additionally, it emphasized in a subsequent statement that “all underlying securities on Ankr Staking are secure and all frameworks are undisturbed at this moment.”
With regards to the attack, blockchain security firm Beosin indicated that the hacking incident was probably the result of security breaches in the smart contract code coupled with vulnerable private keys, which may have resulted from a technical overhaul performed by the Ankr team approximately 12 hours prior. Beosin also stated that the massive minting incident led the price of aBNBc to drop 99.5% in a matter of hours, from $303.89 to $1.53, as per CoinMarketCap statistics.
“It is probable that the deployer’s private key was revealed in this update, enabling an attacker to change the contract utilizing deployer rights,” a Beosin representative informed Cointelegraph.
In a Dec. 2 Twitter post, Binance also verified that its team is collaborating with appropriate parties to examine the problem further and that user money are not at danger.