A seasoned hacker has stolen $182 million in cryptocurrency on the Ethereum blockchain. The attacker targeted a decentralized finance service called Beanstalk by exploiting a security flaw in the protocol.
On Sunday, April 17, 2022, Beanstalk, a leading decentralized finance (DeFi) protocol built on the Ethereum blockchain, was hacked. The attacker exploited a vulnerability in the protocol to seize users' funds.
The attacker made off with $182 million in Ether and other cryptocurrencies. It is the 10th-largest hack in the digital asset industry, behind the Ronin hack ($625 million) and the Poly Network hack ($600 million).
How Did a Hacker Steal $182 Million in Cryptocurrency?
The Beanstalk protocol is built around a stablecoin, a price-stable cryptocurrency called Bean. The DeFi service lets users earn rewards by helping to fund a pool intended to keep the price of Bean stable. Concretely, the funds deposited by investors are what keep the Bean stablecoin operating; in exchange, some of the depositors are rewarded with cryptocurrency. This kind of operation, comparable to a lottery, can be very lucrative.
To seize the assets held by Beanstalk, the hacker acquired governance tokens in bulk. Like most DeFi services, the protocol lets holders of these tokens vote collectively on changes to its code.
The hacker obtained 67% of the tokens using a decentralized finance service that lets users borrow large amounts of cryptocurrency: the Aave protocol, which specializes in digital-currency lending. In this case, the criminal borrowed nearly $1 billion in cryptocurrency within moments. These funds were instantly converted into governance tokens, pulling the rug out from under the developers. Unfortunately, Beanstalk had no “flash loan resistance measures”, the developers note.
Having passed the 67% threshold of governance tokens, the hacker was free to vote through code changes and deploy smart contracts. The scammer quickly launched a smart contract on the network that contained a piece of malicious code.
The whole process took no more than 13 seconds, reveals CertiK, a well-known blockchain analysis firm. “The Beanstalk contract on the Ethereum mainnet was exploited via a previously unknown issue with the Beanstalk governance process,” says Beanstalk Farms, the development team behind the protocol.
Once the funds were withdrawn, the attacker repaid the original loan, netting a profit of $80 million. Note that the scammer took the opportunity to donate $250,000 to an organization supporting Ukraine. In total, $182 million disappeared from the Beanstalk network. Part of the funds was passed through cryptocurrency-laundering services such as Tornado Cash.
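As an added illustration (hypothetical code, not Beanstalk's own contracts), the sketch below shows the two defensive properties the article says were missing: voting power is read from a balance snapshot taken in the block before the proposal was created, so tokens acquired with a flash loan in the same transaction carry no weight, and a passed proposal can only execute after a timelock. It assumes an ERC20Votes-style token exposing `getPastVotes` and `getPastTotalSupply` (as OpenZeppelin's does) and that voters have delegated to themselves.

```solidity
pragma solidity ^0.8.0;
// Hypothetical governance sketch, not Beanstalk's code. Assumes an ERC20Votes-style
// token with checkpointed balances (as in OpenZeppelin) and self-delegated voters.
interface IVotes {
    function getPastVotes(address account, uint256 blockNumber) external view returns (uint256);
    function getPastTotalSupply(uint256 blockNumber) external view returns (uint256);
}
contract SnapshotGovernor {
    struct Proposal {
        address target;    // contract to call if the proposal passes
        bytes data;        // calldata for that call
        uint256 snapshot;  // block whose balances count as voting power
        uint256 readyAt;   // earliest execution timestamp (0 = not passed yet)
        uint256 votesFor;
        bool executed;
    }
    IVotes public immutable token;
    uint256 public constant TIMELOCK = 2 days;  // delay between passing and execution
    uint256 public constant QUORUM_BPS = 6700;  // 67% of the snapshot total supply
    Proposal[] public proposals;
    mapping(uint256 => mapping(address => bool)) public hasVoted;
    constructor(IVotes _token) { token = _token; }
    function propose(address target, bytes calldata data) external returns (uint256 id) {
        // Snapshot the previous block: a balance inflated by a flash loan in this
        // block (the weak design reads balanceOf at vote time) carries no weight.
        proposals.push(Proposal(target, data, block.number - 1, 0, 0, false));
        return proposals.length - 1;
    }
    function castVote(uint256 id) external {
        Proposal storage p = proposals[id];
        require(!hasVoted[id][msg.sender], "already voted");
        hasVoted[id][msg.sender] = true;
        p.votesFor += token.getPastVotes(msg.sender, p.snapshot);
        uint256 quorum = token.getPastTotalSupply(p.snapshot) * QUORUM_BPS / 10000;
        if (p.readyAt == 0 && p.votesFor >= quorum) {
            p.readyAt = block.timestamp + TIMELOCK;  // passed: start the timelock
        }
    }
    function execute(uint256 id) external {
        Proposal storage p = proposals[id];
        // The weak design executes in the voting transaction; the timelock gives
        // holders and the team time to react before the payload runs.
        require(p.readyAt != 0 && block.timestamp >= p.readyAt, "timelock not elapsed");
        require(!p.executed, "already executed");
        p.executed = true;
        (bool ok, ) = p.target.call(p.data);
        require(ok, "execution failed");
    }
}
```

With this layout, a borrow-vote-execute-repay sequence inside one transaction fails twice: the borrowed balance is not in the snapshot, and execution is refused until the timelock has elapsed.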
An attack with multiple consequences
According to Ronghui Gu, CEO and co-founder of CertiK, attacks using flash loans are on the rise in the cryptocurrency world. “These attacks further underscore the importance of a security audit, and also education on security issues when writing code for a Web3 service,” explains Ronghui Gu.
This large-scale hack caused the price of the Bean stablecoin to crash. Pegged at one dollar, the token suddenly fell to 19 cents. People who held on to their Bean lost considerable sums; on Twitter, many users claim to have held millions of dollars' worth of Bean.
The protocol's developers quickly committed to “safely relaunch a more secure Beanstalk” in the near future. The creators of the DeFi service can count on a loyal community: “The Beanstalk community has shown incredible support for the project and provided many thoughtful ideas for what’s next,” the developers add.
Despite the innovations decentralized finance offers, we advise you to remain cautious when depositing funds on DeFi services. It is not uncommon for a vulnerability to be exploited by a hacker for personal gain.