There's been yet another massive crypto heist
Date:
Mon, 18 Apr 2022 11:21:46 +0000
Description:
A threat actor abused a flash loan service to successfully withdraw millions of dollars in cryptocurrency
FULL STORY ======================================================================
A flaw in the operations of Beanstalk Farms, a stablecoin protocol, has allowed an unknown threat actor to siphon $182 million from the network, it has emerged.
A stablecoin is a cryptocurrency token thats pegged to a regular currency or another stable asset, such as gold. As such, stablecoins have a stable value compared to more volatile cryptocurrencies, such as bitcoin.
Beanstalk Farms is a stablecoin protocol that operates on the Ethereum network, and issues the BEAN governance token, which gives owners voting
power for any changes to the network itself.
Share your thoughts on Cybersecurity and get a free copy of the Hacker's Manual 2022 . Help us find how businesses are preparing for the post-Covid world and the implications of these activities on their cybersecurity plans. Enter your email at the end of this survey to get the bookazine, worth $10.99/10.99. Flash loans
Describing the incident in a Discord post, the company said the attacker discovered a vulnerability in its governance system, made possible with the help of a flash loan service. There was no malware , stolen passwords , or fake identities used in the attack.
Flash loans are like regular loans, the only difference being that they
happen in a flash. These instant loans are made possible with the unique nature of blockchain technology. However, in this particular case, flash
loans helped the attacker steal the money from the protocol. The threat actor used the flash loan service Aave to buy a large amount of BEAN.
Now in possession of a large proportion of BEAN, the attacker was able to
pass a malicious governance proposal and siphon out all of the protocols
funds into a private ETH wallet. Read more
The maker of Axie Infinity just suffered one of the largest heists in
crypto history
FBI says North Korean Lazarus group was behind huge crypto theft
2FA compromise led to Crypto.com hack
Beanstalk did not use a flash loan resistant measure to determine the % of Stalk that had voted in favor of the BIP, the Discord post reads. This was
the fault that allowed the hacker to exploit Beanstalk.
A part of the funds ($250,000) was sent to a Ukrainian relief wallet,
CoinDesk reported.It is currently unclear whether the company will reimburse the affected customers.
Crypto hacks are becoming more devastating by the day. Earlier this year, hundreds of millions of dollars in cryptocurrency was stolen from the Ronin Network , which provides the "blockchain bridge" that powers NFT game Axie Infinity. If you're looking to prevent data loss, check out our list of the best services here
Via CoinDesk
======================================================================
Link to news story:
https://www.techradar.com/news/theres-been-yet-another-massive-crypto-heist/
--- Mystic BBS v1.12 A47 (Linux/64)
* Origin: tqwNet Technology News (1337:1/100)