News
Binance freezes $3M from Ankr exploit Binance freezes $3M from Ankr exploit

Binance freezes $3M from Ankr exploit

A hacker exploited a bug in Ankr Protocol's code to mint six quadrillion aBNBc tokens and converted part of it into $5 million USDC.

Binance freezes $3M from Ankr exploit

Cover art/illustration via CryptoSlate. Image includes combined content which may include AI-generated content.

Receive, Manage & Grow Your Crypto Investments With Brighty

Binance CEO Changpeng Zhao revealed on Dec. 2 that the exchange froze around $3 million of the funds from Ankr’s hack.

Hacker exploits Ankr Protocol’s code

A hacker exploited a bug in Ankr Protocol’s code to mint six quadrillions of aBNBc token and converted part into $5 million USDC.

ANKR protocol hack
Source: Nansen Intern

Blockchain security firm Peckshield said its analysis of the aBNBc token contract showed that it has an unlimited mint bug that allows for the arbitrary mint of the tokens.

Another blockchain security company, Beosin, tweeted that the attack was likely due to a private key compromise because the deployer changed the implementation contract address before the attack. The attacker then called the mintApprovedTo function, which allowed anyone to mint tokens.

According to CoinMarketCap, aBNBc is a reward-bearing token whose value grows as its redemption ratio grows.

Attacker nets $5 million

Lookonchain tweeted that the exploiter minted 20 trillion tokens and dumped it on Pancakeswap.

PeckShield said the exploiter bridged the stolen funds to Ethereum via celer and deBridgeGate and also transferred some of these funds through Tornado Cash. The firm added that the exploiter moved 900 BNB ($253,000) to Tornado Cash and bridged 3000 ETH and $500,000 USDC to Ethereum.

Ankr confirms exploit

Ankr confirmed on Dec. 2 that its aBNB token was exploited.

According to the decentralized web3 infrastructure provider, it is in touch with exchanges to stop trading. The firm added, “all underlying assets on Ankr Staking are safe at this time, and all infrastructure services are unaffected.”

It also urged all liquidity providers to remove their liquidity from DEXs, adding that the tokens would be reissued soon.

Crypto traders profit

A crypto trader capitalized on this hack and used 10 BNB to make $15 million in profit, according to PeckShield.

Wu Blockchain reported that the trader converted the 10 BNB for 183,384.92 aBNBc. He then exchanged his aBNBc holding to hBNB and staked it on Helio protocol to lend $16 million BHAYO, which was then exchanged into HAY.

The trade caused the HAY Stablecoin to depeg. As of press time, the stablecoin has lost 33% of its value and is trading for $0.69.

Meanwhile, the Helio Protocol team said it was aware of the exploit and would provide more information soon.

Separately, Lookonchain reported that a trader who shorted the Ankr’s protocol native token made a 53.25% return.

aBNBc, ANKR, BNB price falls

CryptoSlate data shows that the hack has negatively impacted the price of ANKR and BNB.

According to the data, ANKR fell by 4% in the last 24 hours to $0.02155, while BNB is down 3% to $289 as of press time.

Meanwhile, CoinMarketCap data showed that aBNBc plunged by 99.51% to $1.51 as of press time.

Mentioned in this article
Posted In: , Hacks