Attacker Steals $ 6.2 Million from Belt Finance DeFi Protocol

A hacker withdrew $ 6.2 million from the Belt Finance platform powered by the Binance Smart Chain (BSC) DeFi ecosystem.

“The new weekend is a new attack on the BSC-based DeFi protocol. Today, Belt Finance has stolen $ 6.2 million in BUSD using eight transactions, ”wrote Igor Igamberdiev, a researcher at The Block.

According to him, the attacker borrowed $ 385 million in BUSD on the PancakeSwap platform. After that, he deposited $ 10 million in the bEllipsisBUSD strategy.

The hacker leveraged $ 187 million in BUSD for the bVenusBUSD strategy and repeated these steps more than seven times. Then he exchanged $ 190 million in BUSD for $ 169 million in USDT through the Ellipsis platform.

After that, the attacker withdrew BUSD from the bVenusBUSD strategy and exchanged $ 169 million in USDT for $ 189 million in BUSD using the Ellipsis platform. Then he deposited BUSD into the bVenusBUSD strategy.

Finally, the hacker repaid the instant loans and withdrawn the profits.

Igamberdiev explained that the price of beltUSD depends on the sum of the balances of all strategies on the platform. Hence, manipulating these strategies means being able to influence the price of the Belt Finance platform asset.

“Apparently, by buying and selling BUSD, the attacker manipulated its price using a bug in calculating the balance of the bEllipsisBUSD strategy.”

“All stolen BUSDs were converted on the 1 inch v3 platform to 2680 anyETH worth $ 6 million. Part of the funds was transferred to Ethereum. At the moment, 1,463 ETH have not left the cross-chain bridge, ”said Igamberdiev.

Belt Finance representatives said they are investigating the incident and preparing a compensation plan for the funds. Withdrawals from BSC storages are suspended until the smart contract is updated.

The price of the BELT token has dropped by 27.6% over the last 24 hours, according to CoinGecko… The Belt Finance platform is ranked second in the Defistation rating, which takes into account the value of the assets involved in the protocols.

Data: Defistation.

Formerly ForkLog reportedthat the hacker brought down 80% the price of the PancakeBunny DeFi token. To manipulate USDT / BNB and BUNNY / BNB rates, he borrowed funds from PancakeSwap.

Subscribe to the ForkLog channel at YouTube!

Found a mistake in the text? Select it and press CTRL + ENTER

.

Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.