Hackers stole $180 million from a decentralized finance (De-Fi) in cryptocurrency form at Beanstalk Farms, San Francisco.
Beanstalk has its own central funding pool, where people earn rewards by contributing money, the funding pool is used to balance the value of one token close to $1, reports the edge.
“While suffering the attack, Beanstalk Farm team is investigating the exploit and will announce to the community as soon as possible”. Company said it in a tweet.
Note : Now put your ethical hacking training into real-life practice from Cryptus Certified Ethical Hacker.
The attack was spotted by Blockchain Analytics Company PeckShield.
The attacker used a flash loan obtained through the decentralised protocol Aave to borrow close to $1 billion in cryptocurrency assets and exchanged these for enough beans to gain a 67 per cent voting stake in the project”.
An emergency governance mechanism was abused to ‘vote’ for a malicious proposal and allow themselves to send funds to a wallet they controlled while Omniscia says that after the attacker secured a flash loan — and, therefore, extensive voting rights normally used to accept or decline changes in the protocol’s code.
The flash loan was then repaid.
PeckShield, who first spotted the attack told that total losses reached $182 million, with the attacker able to steal $80 million securely. Other losses were due to the fees rquired to execute the flash loan.