“We are fucked”: Cryptocurrency platform Beanstalk loses $180 million
Unknown persons have secured a majority at Beanstalk with the help of a “flash loan” for seconds and transferred all the money lying there.
To do so, they borrowed almost a billion US dollars in various cryptocurrencies for a few seconds via another cryptocurrency service, The Verge explains. They immediately invested that in Beanstalk, acquiring a two-thirds majority there and transferring all deposits worth 0 million to themselves. That should have taken less than 13 seconds. After repaying the “flash loan” and accrued fees, the thieves were left with million, according to the report. The Beanstalk team is now appealing to the to pay back 90 percent of it, the rest they could keep. It is doubtful that this will be successful.
Beanstalk has only been around for a few months; the DeFi platform (“Decentralised Finance”) includes its own cryptocurrency, which is to be kept stable through deposits by users. This currency is called “Bean” and through various mechanisms its value is to be kept at around one US dollar. Beanstalk also includes a mechanism that allows users to vote on changes to the code. This is exactly what the thieves have now exploited.
Beanstalk team can only appeal
The successful break-in at Beanstalk is now the latest case in the rapidly growing list of cryptocurrency platform thefts. This year alone, for example, crypto lending platform Cream.Finance has been relieved of €30 million, blockchain bridge Wormhole of 0 million, and Qubit Finance of million. Unlike those projects, Beanstalk did not require a security breach. The in-house protocol had not been secured against the short-lived acquisition of a majority by a loan. According to a blog post, the platform will be secured and continue to operate.
Advertise with us : Advertise
Using a so-called “flash credit,” the thieves secured enough shares for a few seconds to transfer all of Beanstalk’s money to themselves via a code change. One of the platform’s developers admitted, according to Vice, “we are fucked.”
Picture by Pexels
With Beanstalk, a cryptocurrency platform has been stolen again, this time unknown persons were able to get their hands on about 80 million US dollars. The operators have already admitted the successful attack and provided some details. According to them, the unknown thieves took advantage of the fact that users of Beanstalk can vote on changes to the platform’s code – with voting rights proportional to the respective share in the in-house cryptocurrency.
TheBitcoinNews.com – Bitcoin News source since June 2011 –
If you will return 90% of the withdrawn funds to the Beanstalk Farms multi-sig wallet 0x21DE18B6A8f78eDe6D16C50A167f6B222DC08DF7, Beanstalk will treat the remaining 10% as a Whitehat bounty properly payable to you.
Send bulk sms with Bitcoin and don’t worry If your link gets reported. We are constantly monitoring your links and We’ll pause your campaigns if any issue…