+

Cookies on the Business Insider India website

Business Insider India has updated its Privacy and Cookie policy. We use cookies to ensure that we give you the better experience on our website. If you continue without changing your settings, we\'ll assume that you are happy to receive all cookies on the Business Insider India website. However, you can change your cookie setting at any time by clicking on our Cookie Policy at any time. You can also see our Privacy Policy.

Close
HomeQuizzoneWhatsappShare Flash Reads
 
  • Home
  • investment
  • news»
  • Attackers swipe $80 million from ethereum DeFi project Beanstalk in one of the largest flash-loan exploits ever

Attackers swipe $80 million from ethereum DeFi project Beanstalk in one of the largest flash-loan exploits ever

Phil RosenApr 18, 2022, 22:45 IST
Business Insider
Bill Hinton/Getty Images
  • Cyber-attackers stole $80 million from stablecoin protocol Beanstalk in a massive flash-loan swindle Sunday.
  • As a result, the credit-focused decentralized finance protocol lost its $182 million in total value locked.
Advertisement

Cyber-attackers targeted ethereum-based stablecoin project Beanstalk Farms and made away with roughly $80 million in tokens in one of the largest flash-loan exploits ever.

As a result, the credit-focused decentralized finance protocol lost its $182 million in total value locked, meaning the overall value of crypto assets deposited. Its native token, BEAN, which is meant to be pegged to the dollar, fell more than 75% over the last day.

"We are not aware of the identity of the individuals who were involved," the founders said in the Beanstalk Discord channel. "Like all other investors in Beanstalk, we lost all of our deposited assets in the Silo, which was substantial."

Meanwhile, the attackers have already moved the entire $80 million in tokens they swiped into Tornado Cash to hide the funds, according to blockchain research firm PeckShield and Bloomberg.

The security breach stemmed from an infiltration of the governance proposal system of the protocol, which opened the door to the attack. The exploiter asked for the protocol to send funds to Ukraine as a donation, but the proposal had a malicious rider attached to it, leading to the fund drain.

Advertisement

This case was not a technical hack, per se, but an exploitation of a design flaw in the governance procedure, which a project spokesperson addressed on Monday, CoinTelegraph reported.

"It's unfortunate that the same governance procedure that put beanstalk in a position to succeed was ultimately its undoing," the spokesperson said.

In decentralized finance, so-called flash loans are made when users borrow massive sums of stablecoins without any collateral — something that isn't possible in traditional lending.

The lending and borrowing process is meant to happen within a single transaction on the blockchain instantaneously and is not uncommon among arbitrage traders.

However, by manipulating the protocol or smart contract code, an attacker can exploit vulnerabilities in the transaction and drain funds.

Advertisement

Notably, the exploiters of Beanstalk did donate $250,000 of stablecoin USDC to Ukraine.

You are subscribed to notifications!
Looks like you've blocked notifications!
Latest Stories
Harnessing AI: How AI is reshaping industries
Exploring the strangest phobias you've never heard of
Sitting vs. Standing: Settling the debate on workplace health
Sensex down by over 900 points, Nifty tanks 300 points ahead of US election results
The rise of micro-acquisitions in India: How Flippa is driving the trend
Trending News
Next Article
Next Story
Popular Categories
Trending Right Now

Copyright @ 2024. Times Internet Limited. All rights reserved.For reprint rights. Times Syndication Service.