BTC0.020
ETH0.020
HTX0.020
SOL0.020
BNB0.020
BTC0.020
ETH0.020
HTX0.020
SOL0.020
BNB0.020
The whole story of Ankr being attacked: arbitrageurs profit super hackers, hackers play "performance art" with Pixiu
Loopy Lu
2022-12-02 08:15
本文约2376字,阅读全文需要约10分钟
The total amount of aBNBc has now reached 60 figures.

Today, Ankr's deployer key is suspected to have been leaked, 10 trillion aBNBc were minted, the liquidity of its transaction pool on Pancake was emptied, and the price of aBNBc has almost returned to zero.

Slightly different from the previous attacks, there are many ironic "interesting stories" in this attack: arbitrageurs have far more profits than hackers (let's assume that they are not the same person), hackers issued FuckBNB meme coins to make a big fuss "Performance art", aBNBc continued to increase the total circulation to an unheard of amount, etc. The follow-up development of this attack has attracted more attention than the attack itself.

Attack Incident Review

Earlier this morning, hackers gained access to Ankr deployers and launched an attack on the project.

According to data on the chain, 10 trillion aBNBc tokens area transferis minted and sent to addresses beginning with 0xf3a4.

After a huge amount of tokens were issued, a part of aBNBc was kept in the wallet, while more tokens were thrown out for profit. The hacker transferred 1.125 BNB to his address as a gas fee and started selling aBNBc, exchanging about 4.05 million USDC and 5,000 BNB in ​​total. The profit of 4,500 BNB was exchanged for about 1.29 million USDC and 900 BNB was deposited into Tornado.Cash, and then the attacker cross-linked all USDC into the Ethereum network Celer Network and Multichain, and then transferred all about 4.68 million One USDC was exchanged for 3446 ETH. Due to the sharp drop in the price of ANKR, the current return on shorting ANKR has reached 53.25%.

The security team PeckShield found that in the Ankr theft event, the aBNBc token contract had an infinite coinage vulnerability. Although the coinage function mint() is protected by the onlyMinter modifier, there is another function (with 0x3b3a5522 func.signature ) can completely bypass caller verification for unlimited minting privileges.

secondary title

Arbitrageurs take $15 million profit

If the matter ends here, this is just another "unremarkable" safety accident in the bear market. But the "arbitrageurs" had to catch up at the right time.

When aBNBc was smashed to zero by hackers, a user (0xaab2...dfc3) purchased more than 180,000 aBNBc with 10 BNB, and mortgaged aBNBc on the lending platform helio to lend more than 16 million stablecoins HAY.(Odaily note: HAY is a BNB-based USD over-collateralized decentralized stablecoin, which can be minted by depositing aBNB-LP.)At present, the official team stated that it has discovered the vulnerability and will notify the community as soon as more information is obtained.

Arbitrageurs sold Hay for more than 15 million BUSD, and Hay's liquidity pool was emptied. As a decentralized stablecoin, the price of HAY has been severely de-anchored for a time, falling as low as about US$0.21. At present, the price has gradually recovered and is currently quoted at US$0.70.

After the hackers made $5 million in profits, the arbitrageurs made another $15 million in profits from the lending platform, which was far more than the hackers.

The last time there was an "arbitrageur income super hack" happened, it was in the pGALA incident. In the market, the true identity of the "arbitrageur" ​​has attracted suspicion from investors. Users have made speculations about this mysterious person, and some people suspect that the arbitrageur may be just another address of the hacker.

The development of things far exceeded everyone's expectations. Although the attacker's profits have been transferred anonymously by Tornado, the arbitrageurs do not seem to be familiar with on-chain operations.

The data on the chain shows that the anonymous arbitrageur actually transferred the profit of 15.5 million US dollars to Binance through the intermediate address (0x4c...2757).

Although this arbitrage behavior can hardly be called "hacking", it is indeed "unjust enrichment" in a sense.

Immediately afterwards,CZ sayssecondary title

Anecdotes continue: 10 to the 60th power, the leader of the hackercoin track

In this incident, there were also many ironic "interesting stories".

This afternoon, CZ said on Twitter that for Ankr and Hay's hacking attacks, the preliminary analysis is that the developer's private key was stolen, and the hacker updated the smart contract to a more malicious contract. The investigation by the security team also came to the same conclusion. Some security teams found that multiple different calling addresses caused additional token issuance. This has an interesting consequence: the Ankr hack involved perhaps the largest attack ever.

The label of BSCScan shows that the logo of Ankr Exploiter has even been numbered to more than 50 in sequence, and the number of addresses of the attacker is staggering.

What is even more bizarre is that due to multiple additional issuances brought about by multiple calls, the number of additional issuances of aBNBc is no longer the original 10 trillion.

Data on the chain shows that the total supply of aBNBc has exceeded 10 to the 60th power.

More precisely, its supply is 115, 792, 089, 237, 316, 000, 000, 000, 000, 000, 000, 000, 000, 000, 000, 000, 000, 000, 000, 000 pieces.

After the attack, the hackers were not satisfied with the "small" income from Ankr, and were committed to further expanding their profits.

secondary title

end?

This afternoon, Binance said it had frozen about $3 million transferred to the exchange by hackers. BNB Chain stated that it has noticed that the Ankr aBNBc contract was hacked earlier today, and the Ankr attacker address has been blacklisted.

Ankr also responded to the incident. It stated that it has contacted DEX and informed the exchange to block related transactions, and is currently evaluating the situation and reissuing tokens. In addition, Ankr also guarantees that all underlying assets of Ankr Staking are safe, and all infrastructure services will not be affected. A plan is currently being drafted whereby Ankr will compensate affected users.

Ankr has made four reminders to users: 1. Do not trade; 2. Liquidity providers who have retained aBNBc tokens, please remove liquidity from DEX; 3. Ankr will take a snapshot, and users can wait for other news; 4. ABNBc will be reissued.

Wombat Exchange, a stable currency trading platform, stated that the BNB pool has been suspended, and the exchange, deposit and withdrawal of BNB, BNBx, stkBNB and aBNBc have also been suspended. Previously, Wombat had suspended the aBNBc pool and HAY pool.

In this incident, the loss of the lending platform is much greater than that of Ankr, but as of the publication of this article, HAY has not made any further response to this incident.

Safety
Loopy Lu
作者文库
推荐文章
From bearish to 3 times increase at opening, Circle IPO's big turnaround
06-06 02:57
From bearish to 3 times increase at opening, Circle IPO's big turnaround
"Brotherhood" breaks down, Trump and Musk stage a century-long quarrel
06-06 02:17
"Brotherhood" breaks down, Trump and Musk stage a century-long quarrel
24H Hot Coins and News | Trump and Musk turned against each other; Circle closed at $87.71 on its first day of listing (6.6)
06-06 01:42
24H Hot Coins and News | Trump and Musk turned against each other; Circle closed at $87.71 on its first day of listing (6.6)
Circle IPO: The “ChatGPT” Moment for Stablecoins and On-Chain Finance
06-05 23:00
Circle IPO: The “ChatGPT” Moment for Stablecoins and On-Chain Finance
All Unregistered Crypto Companies Must Exit Singapore by the End of the Month! No Transition Period!
06-05 13:56
All Unregistered Crypto Companies Must Exit Singapore by the End of the Month! No Transition Period!
Plume mainnet is officially launched, ushering in a new era of real-world assets on-chain
06-05 15:00
Plume mainnet is officially launched, ushering in a new era of real-world assets on-chain