A series of connected attacks ended up costing infrastructure provider Ankr and stablecoin issuer Helio Protocol a total of $20 million, according to on-chain analysis by security firm BlockSec.
The first attack targeted a liquid staking token product run by Ankr, resulting in a loss of more than $5 million. An unknown hacker leveraged a vulnerability in Ankr’s smart contract to mint trillions of aBNBc, a reward token tied the price of Binance’s exchange token BNB, as noted by BlockSec and other analysts.
Once the attacker minted those tokens, they sold and drained all of its liquidity across decentralized exchanges on BNB Chain to get away with more than $5 million. Ankr acknowledged the exploit, adding that it was working with exchanges to stop deposits from addresses connected with the attacker.
As the hacker sold off a large number of aBNBc on decentralized exchanges, the price of the aBNBc token collapsed by more than 99%. This opened the room for the second exploit.
In this second instance, someone acquired some 183,000 aBNBc tokens with 10 BNB ($2,900), BlockSec detected. The attacker then deposited the tokens into a BNB Chain-based stablecoin issuer Helio Protocol to drain funds.
The attacker was able to borrow $16 million in the HAY stablecoin with a small amount of aBNBc collateral as the oracle system used by Helio Protocol failed to update aBNBc prices after its rapid crash. The attacker swapped their HAY stablecoin for $15 million Binance USD (BUSD), resulting in a massive loss for the protocol.
BlockSec noted that $15 million of the stolen funds in the second attack moved to crypto exchange Binance. So far, $3 million of the funds have been seized, according to Binance CEO Changpeng Zhao.