Defi stolen funds qubit finance to

defi stolen funds qubit finance to

CertiK, a blockchain auditing and security company, suggests the hacker was able to exploit a security flaw in Qubit’s smart contract code that let them send in a deposit of 0 ETH and withdraw almost $80 million in Binance Coin in return.

“As we move from an Ethereum-dominant world to a truly multi-chain world, bridges will only become more important,” CertiK analysts wrote. “People need to move funds from one blockchain to another, but they need to do so in ways that are not susceptible to hackers who can steal more than [$80 million].”

A statement posted by the Qubit Finance team on Twitter directly appealed to the hacker, asking them to negotiate with the team in order to minimize losses for the Qubit community.

Qubit’s incident report also stated that the team was attempting to offer the hacker the maximum reward possible under their bug bounty program.

  • The company’s supply, retention, loan and repayment services have been disabled.

  • Qubit Finance, a decentralized finance (DeFi) protocol, was hacked this week. They lost nearly $80 million in cryptocurrencies, and in an effort to recover the funds, they asked the attacker to trade with them and return the funds to the community.

    via Twitterthe team behind the smart contract-based platform realized a security flaw, more precisely QBridge, which It is a blockchain bridge that makes token exchanges between the Ethereum network and the Binance Smart Chain easier.

    As Qubit Finance’s massive hack report shows, the attacker sent false data To activate the deposit function in QBridge, in Ethereum.

    Advertising

    The company specifies that said bridge should receive encapsulated ether (wETH), which is a wrapped token.

    Following a report on January 28, Qubit Finance now joins the list of ever-growing defi protocols to suffer a major exploit.

    Qubit Finance Exploited for $80 Million

    Qubit Finance, a DeFi lending and borrowing protocol on the Binance Smart Chain, was exploited on January 28, with the hacker making away with over 206,809 BNB ($80 million) from its lending pools.

    Developers of Qubit Finance reported that “the hacker minted unlimited xETH to borrow on BSC.” According to Qubit, its team is currently working with security and network partners on the next steps.

    After a post mortem on Qubit Finance’s chain, the security firm, Certik reported that the attacker utilized a deposit option in the QBridge contract to illegally mint 77,162 qXETH.

    PeckShield adds that the hacker used them to drain the entire amount of BNB held on QBridge.

    Defi stolen funds qubit finance torrent

    According to CertiK, the hacker carried out these actions numerous times, changing all of the funds to Binance Coin in the process.

    • https://twitter.com/CertiKCommunity/status/1486892063006334982?ref_src=twsrc%5Etfw%7Ctwcamp%5Etweetembed%7Ctwterm%5E1486892063006334982%7Ctwgr%5E%7Ctwcon%5Es1_&ref_url=https%3A%2F%2Fwww.ndtv.com%2Fbusiness%2Fcryptocurrency-worth-80-million-stolen-from-defi-platform-qubit-finance-2737888

    “Essentially, the attacker took advantage of a logical mistake in Qubit Finance’s code that enabled them to insert fraudulent data and withdraw tokens on Binance Smart Chain while none were placed on Ethereum,” CertiK revealed. Qubit’s QBT was down 34.6 percent at the time of writing, according to CoinGecko statistics.


    Hacking and losing money has a profound effect on thousands of real people. If a maximum bonus offer isn’t what you’re after, we’re open to discussing.
    We’re on our way to finding a solution,” they plead with Qubit Finance.

    2022 started with piracy

    What happened with Qubit Finance was added to the list of other protocols in just 29 days of 2022 They were victims of attacks that allowed thieves to steal large sums of money.

    An example is Crypto.com, one of the largest exchanges, where about 800 bitcoins have been mined. This happened on January 17th. In total, losses are estimated at $30 million.

    As reported by CriptoNoticias, this company’s reaction to the theft is worth analyzing.

  • PeckShield, which audited Qubit’s smart contracts, said the QBridge was hacked to mint a “huge amount of xETH collateral” that was then used to drain the entire amount of BNB held on QBridge.

  • In an incident report, security firm CertiK said the attacker used a deposit function in the QBridge contract and illicitly minted 77,162 qXETH, an asset that represents ether bridged via Qubit. Attackers tricked the protocol to show that they had deposited funds without making an actual deposit.

  • These steps were repeated several times, and the attacker then converted all the assets to BNB, CertiK said in a tweet.

  • The exploit is the seventh-largest attack on a DeFi protocol by the amount of funds stolen, as per data from analytics tool DeFi Yield.

  • Qubit’s QBT is down 25% in the past 24 hours, as per data from CoinGecko.

  • Qubit Finance, a decentralized finance (DeFi) platform, has become the latest victim of a high-value theft, with hackers stealing around $80 million in cryptocurrency on Thursday.

    The value of cryptocurrency stolen makes this the largest hack of 2022 so far.

    Qubit Finance acknowledge the hack in an incident report published through Medium. According to the report, the hack occurred at around 5PM ET on the evening of January 27th.

    Qubit provides a service known as a “bridge” between different blockchains, effectively meaning that deposits made in one cryptocurrency can be withdrawn in another.

    Kim Grauer, told ZDNet. “We also know that criminals are the first to adapt to new technology to avoid discovery, and this year was no exception.” This statement explains why DeFi technologies have been the target of so many assaults.

    As explained the hacker was able to exploit a logic error made by Qubit’s Team and to tackle that I believe they should have added more layers of security as adding a second layer multiplies the original complexity of the problem and makes it way less likely for hackers to be able to exploit them.

    Lastly, I believe that this incident signifies how important cybersecurity is.

    How are they solving the problem?

    Qubit Finance Team publicly tweeted that they are offering the hackers a generous bounty worth $2 million without prosecution if the attackers return all the stolen money though as of right now the hackers have not responded.

    Binance Smart Chain-based Qubit Finance was exploited for over $80 million by attackers on Friday morning, developers confirmed in a post.

    • “The hacker minted unlimited xETH to borrow on BSC. The team is currently working with security and network partners on next steps,” developers said in a tweet.

    • Addresses connected to the attack show 206,809 binance coins (BNB) were drained from Qubit’s QBridge protocol.
      The assets are worth over $80 million at current prices, security firm PeckShield confirmed in a tweet.

    • Decentralized finance (DeFi) projects like Qubit Finance rely on smart contracts instead of third parties to offer financial services, such as trading, lending, and borrowing, to users.

    • Qubit allows users to supply their crypto holdings to the protocol and borrow loans against this collateral for a fixed fee.

    On the 27th of January 2022, Qubit Finance tweeted about the biggest DeFi (Decentralized Finance) exploits of 2022 which resulted in them losing $80 million dollars of cryptocurrency in the form of 206,809 Binance coins.

    • https://twitter.com/QubitFin/status/1486870238591594497?ref_src=twsrc%5Etfw%7Ctwcamp%5Etweetembed%7Ctwterm%5E1486870238591594497%7Ctwgr%5E%7Ctwcon%5Es1_&ref_url=https%3A%2F%2Fwww.ndtv.com%2Fbusiness%2Fcryptocurrency-worth-80-million-stolen-from-defi-platform-qubit-finance-2737888

    What is Qubit Finance?

    Qubit is a decentralized money market platform that takes advantage of the speed, automation, and security of the blockchain to connect lenders and borrowers efficiently and securely.

    Transfer should not happen.

    But this is where the error originated. The protocol’s safeTransferFrom command did not fail, as it appears that the attacker sent malicious data Resulting in the termination of the deposit function naturally in the contract.

    For this, he received $185 million in Qubit xETH, money which he later used as collateral.
    To take about $80 million in cryptocurrency from different groups of lenders.

    In total, at least 15,688 USD (about 37.6 million USD), 767 BTC-B (28.5 million USD), 9.5 million USD in stablecoins, and 5 million USD in CAKE, BUNNY and MDX tokens, from the decentralized platform.

    And now this?

    According to Qubit Finance, now the technical team The attacker tracks and monitors the affected assets.

    They specified that they offered the hacker the “maximum reward” (although they did not say how much), while cooperating with security entities and networks, Including the central exchange Binance.

    Qubit warns that, for now, The sourcing, holding, loan, redemption, bridging and redemption features are disabled until further notice.

    In social networks, the Qubit . team Make a public appeal to the intruder. They reveal that it is “never too late to return the money” stolen from users, and commit, once again, to to pay the bonus.

    In addition, they promise the attacker not to file legal action, as long as the stolen money is returned, and to “do the right thing for the community” currently affected.

    We suggest that you negotiate with us directly before taking any further action.

    Leave a Reply

    Your email address will not be published.