logo

ANKR protocol new recovery plan following $5M exploit

ANKR protocol new recovery plan following exploit

TL;DR Breakdown

  • Trillion aBNBc exploited on ANKR protocol were laundered to several other crypto platforms.
  • A former employee conducted the exploit. As a result, ANKR will compensate all affected parties.
  • They will exclude arbitrage traders who took advantage of the exploit from the recovery program.
  • The affected parties will update their protocols to protect their communities from similar exploits.

The trillion aBNBc exploit on ANKR protocol extended to several other crypto platforms. The protocol custodians identified the perpetrator and set a recovery plan to compensate the affected parties. 

The ANKR team zeroed in on a former team member as the muscle behind the exploit. The individual conducted a supply chain attack using malicious code that compromised their private key.

On-chain analysis revealed that the perpetrator could mint new aBNBc tokens on the blockchain; he then moved them across to other platforms like Binance and HAY protocol to wash the stolen funds.

aBNBc is a reward-bearing token on the protocol; the tokens appreciate as they accumulate more rewards. They give the token to users who stake BNB as proof of their stake.

Exploit impact and recovery plan

The aBNBc blockchain money trail revealed that the former employee laundered the stolen funds into Tornado cash, Hay Protocol, and Binance

The new liquidity depegged the HAY stablecoin, and aBNBc prices fell 99% to $0.2113. On the other hand, ANKR’s price remained relatively stable.

Changpeng Zhao, CEO of Binance, noted that they would freeze all accounts related to the exploit pending investigations.

The main criterion behind the recovery plan is to compensate all ‘clean’ users at the time of exploit. Therefore, they would exclude arbitrage traders who took advantage of the exploit from the recovery program.

In response, the team scanned the blockchain to earmark all aBNBc token holders. Then, using the snapshot, they airdropped a new ankrBNB token to all affected holders and began formulating a new recovery plan.

Helio Protocol took a big hit as the perpetrator traded aBNBc with HAY destablecoin. By December 8, 2022, the protocol custodians had purchased 6,843,323 HAY on DEXs out of 17,747,582 HAY of accumulated bad debt. The effort pushed HAY’s price to $0.98. 

The custodians also burnt 6 million HAY days later. Nevertheless, they managed to buy back $3 million in bad debt.

On December 9, the custodians airdropped ankrBNB to wallets that held aBNBc and aBNBb. They also completed airdrops to Ellipsis Finance, Pancakeswap, ApeSwap, ACryptoS, Wombat, Beefy FInance, Wombex, Magpie, and Quoll.

On December 12, the custodians airdropped BNB to the wallet address that held BNB through aBNBb or aBNBc liquidity pools.

The custodians promised to fully compensate about 14,407 BNB to the Wombat liquidity pool by December 19.

The protocol custodians are working with law enforcement to bring the former employee to book.

To prevent such an event, the RPC provider will implement a multi-sig authentication and timelocks for all updates to avoid a single point of failure. They will also work on employee background checks and redefine terms of engagement with DeFi protocols.

Helio Protocol, HAY’s custodian, will resume liquidation functions for the bad actors since users have no collateral backing their position. They will also work on implementing new design features to prevent such exploits from affecting them again.

Final Thoughts

We can trace the weak link in the ANKR exploit to their internal HR processes and security measures. A chain is only as strong as its weakest link.

The exploits served as a lesson for all the affected parties, who mentioned that they would be updating their protocols to protect their communities from similar exploits.

At press time, the HAY destablecoin trades at $0.997 after de-pegging for two weeks from burning their bad debt. 

ANKR/ USD chart.

ANKR protocol new recovery plan following $5M exploit 1

On the day of the exploit, the ANKR price was $0.02147. It is now trading at $0.01753, 15% down from the day of the exploit.

Disclaimer. The information provided is not trading advice. Cryptopolitan.com holds no liability for any investments made based on the information provided on this page. We strongly recommend independent research and/or consultation with a qualified professional before making any investment decision.

Brian Koome

Brian Koome

Brian Koome is a cryptocurrency enthusiast who has been involved with blockchain projects since 2017. He enjoys discussions that revolve around innovative technologies and their implications for the future of humanity.

Related News

Hot Stories

Breaking: SBF's parents will be called to testify under oath
Tesla reports Bitcoin impairment charge in Q4 2022
Alchemy Pay Price Prediction 2023-2032: Is ACH a Good Investment?
Bitcoin price analysis: Bulls head on towards next aim after surpassing $23,089
Ethereum price analysis: ETH surges high above $1,554 as bulls regain momentum

Follow Us

Industry News

Breaking: SBF's parents will be called to testify under oath
Tesla reports Bitcoin impairment charge in Q4 2022
Hacker moves stolen $90 million after six years
Elizabeth Warren wants the SEC to tighten its scrutiny on crypto
Middle East and North America (MENA) venture capitalists to increase crypto investments in 2023

Add Your Heading Text Here