Hacker Makes Off With Millions After Minting Six Quadrillion of Ankr’s BNB Staking Tokens

Liquid Staking Provider Says Underlying Assets Are Safe

By: Samuel Haig Loading...

Hacker Makes Off With Millions After Minting Six Quadrillion of Ankr’s BNB Staking Tokens

Ankr, a web3 infrastructure project on BNB Chain, has suffered a major exploit with an attacker minting and dumping millions worth of its wrapped BNB token, aBNBc.

On Dec. 2, Nansen, an on-chain analytics provider, flagged that six quadrillion aBNBc had been abruptly minted.

It added that the hacker was racing to offload the tokens onto BNB Chain-based decentralized exchanges, using the network’s deployment of Tornado Cash — a crypto mixing protocol designed to obfuscate the transaction history for digital assets — to move their illicit gains to the Ethereum network.

LookonChain, an on-chain analytics firm, tweeted that the hacker made off with at least $5M in profits.

The attacker has completely drained the aBNBc pools on PancakeSwap and ApeSwap, crashing the token’s price from $300 to a fraction of a cent over just 60 minutes, according to CoinMarketCap.


aBNBc/USD. Source: Dextools

The aBNBc token is designed to accrue BNB staking rewards without forcing holders to lock up their liquidity.

Ankr said it is working with exchanges to halt trading for the aBNBc token. “All underlying assets on Ankr Staking are safe at this time, and all infrastructure services are unaffected,” it added.

BowTiedPickle, a smart contract developer, suggested that the incident was either an inside job or resulted from Ankr’s deployer key becoming compromised. “[He] deployed an attack contract, changed the upgradeable aBNBc contract to the malicious implementation, then called the 0x3b3a5522 function to mint 10,000,000,000 tokens to his wallet,” the developer said.

Opportunistic Trader Clears $15M

But Ankr’s attacker is not the only one to profit from the exploit.

LookonChain tweeted that one opportunistic DeFi trader exchanged 10 BNB worth $2,897 for 183,885 aBNBc after the attack. They then deposited the tokens into the Helio money market protocol, which did not have up-to-date pricing for aBNBc, and used them as collateral to borrow $16M worth of the HAY stablecoin.

They then offloaded the HAY tokens for $15.5M worth of the BUSD stablecoin, raking in triple the profits gleaned by Ankr’s attacker.

The price of HAY crashed as low as $0.20 amid the incident and was last changing hands for $0.54, according to CoinGecko.

The Wombat Exchange DEX responded by freezing its HAY pools.