All news

BSC-based Qubit Finance suffers major attack, loses $80 million from pool funds

Posted on by admin
28
Jan

The amount of money lost in hacks of decentralized financed (DeFi) projects more than doubled to $1.3 billion in 2021. “State of DeFi Security” research report had highlighted the same concern. This marked a 2500% increase from 2020. Well, here’s an addition to the 2022 tally.

The seventh-largest crypto exploit

Binance Smart Chain-based Qubit Finance, launched by PancakeBunny, is currently trending within the crypto community, although for the wrong reason. The protocol was hacked according to the report from auditing firm PeckShieldThe attacker stole a large amount of xETH collateral and about $80 million from the pool’s funds.

According to DeBank data, the address related to the attack on Qubit Finance (0xd01ae1a708614948b2b5e0b7ab5be6afa01325c7) exchanged stolen ETH, BTCB, DAI and other assets for BNB. The wallet address had more than 200,000 BNB worth nearly $80 million.

In an incident report, security firm CertiK said the attacker used a deposit function in the QBridge contract and illicitly minted 77,162 qXETH. An asset that represented ether bridged via Qubit. Attackers tricked the protocol to show that they had deposited funds without making an actual deposit. These steps were repeated several times, and the attacker then converted all the assets to BNB.
A few hours ago, the project’s official Twitter account confirmed the hack and provided the latest update in a report. It included an analysis of the attack to ascertain the nature of the exploit. Further, to prevent any similar exploits in the future.

Now, talking about the present one, the incident timeline looked like this,

The team, at the time of writing was tracking and monitoring affected assets. In addition to this, they also contacted the exploiter to offer the maximum bounty.
Joining the ride: As per data from analytics tool DeFi Yield, this was the 7th largest attack on a DeFi protocol by the amount of funds stolen. Needless to say, Polynetwork was leading the pack. Last month the Grim Finance protocol lost $30 million in an exploit.

Too late to apologise? 

Original token price from Qubit, QBT, was down more than 26% from an intraday high of $0.0067 to a low of $0.0048. The graph below showcased the free-fall just minutes post-attack. 
Needless to say, users weren’t happy with the said loss. Different individuals portrayed their frustration on Twitter.
admin