Welcome Bonus: Sign Up & Get Up to $150 in BTC

Get Started
DeFi protocol Qubit Finance exploited for $80 million in a recent hack DeFi protocol Qubit Finance exploited for $80 million in a recent hack

DeFi protocol Qubit Finance exploited for $80 million in a recent hack

The attacked DeFi protocol on Binance Smart Chain lost 206.809 BNB.

DeFi protocol Qubit Finance exploited for $80 million in a recent hack

Cover art/illustration via CryptoSlate

๐Ÿ‘‹ Want to work with us? CryptoSlate is hiring for a handful of positions!

Losing $80 million worth of BNB tokens in a recent hack, Qubit Finance joined the unfortunate list of exploited DeFi protocols on Binance Smart Chain (BSC).

The DeFi lending protocol reported the incident in a Twitter post, revealing that the malicious attacker exploited a vulnerability on the Qubit Bridgeโ€“a cross-chain bridge to Ethereum.

What happened?

The Qubit team flagged the hackerโ€™s address and published a detailed report which includes an analysis of the attack.

QBridge enables users to deposit WETH from Ethereum mainnet to Qubitโ€™s BSC-based smart contract, and mint xETH that can be used as collateral to borrow on BSC.

However, the attacker exploited the vulnerability and managed to mint unlimited xETHโ€“without depositing WETH.

Using the minted xETH as collateral, the attacker drained 206,809 BNB from the lending protocol, worth roughly $80 million.

The Qubit team is continuing to monitor the affected assets, which, at the time of writing, havenโ€™t moved from the flagged address.

Qubit attempts to contact the attackerย 

The exploited protocol also made attempts to contact the attacker.

In an on-chain message, the team offered a bounty of $250.000 in return for the stolen assetsโ€“the maximum amount set by Qubit’s ongoing bug bounty program.

โ€œWe pursue you to negotiate directly with us before taking any further action. The exploit and loss of funds have a profound effect on thousands of real people,โ€ wrote the protocol on Twitterโ€“urging the attacker to cooperate.

โ€œIf the maximum bounty offer is not what you are looking for, we are open to having a conversation. Letโ€™s figure out a solution,โ€ the team added.

While the team continues cooperating with security and network partners, including Binance, the protocol disabled Supply, Redeem, Borrow, Repay, Bridge, and Bridge redemption functions until further notice.ย 

According to DeFi Yieldโ€™s REKT Database, Qubit Finance exploit ranks as the seventh-largest attack by the amount stolen.

Posted In: DeFi, Hacks