Beanstalk Hacker Drains USD 182M from Project, But Nets Only USD 80M
Beanstalk, a decentralized credit-based stablecoin protocol, fell victim to a flash-loan attack over the weekend that saw the protocol exploited for USD 182m worth of crypto. However, the attacker managed to cash out ‘only’ USD 80m.
After swapping, BEAN lost its dollar peg, which could explain why the attacker netted a much lower amount.
At 7:20 UTC on Monday morning, BEAN, the 787th coin by market capitalization, is trading at USD 0.298, down by 70.5% over the past 24 hours and by more than 70% in a week, a far cry from its target peg of USD 1.
The address marked as the “Beanstalk Flashloan Exploiter” currently holds only USD 238.54 worth of ETH.
This is factually incorrect. Protocol loss was ~$180M, hacker got $80M and most of the rest is sitting in valueless $BEANS. $100M wasn't just sent to other protocols lol — FreddieRaynolds (@FreddieRaynolds) April 18, 2022
In a Sunday post, Publius, an admin of Beanstalk’s Discord server, detailed that the hack happened after the attacker took out a flash loan from decentralized finance (DeFi) lending protocol Aave and accumulated a large amount of Beanstalk’s native governance token, Stalk.
After gaining a Stalk position of more than 67%, the attacker was able to pass a malicious governance proposal that transferred all assets in the Beanstalk contract to their wallet.
“Beanstalk did not use a flash loan resistant measure to determine the % of Stalk that had voted in favor of the [improvement proposal],” they added. “This was the fault that allowed the hacker to exploit Beanstalk.”
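A minimal model of the weakness Publius describes, added here as an illustration and not taken from Beanstalk's contracts: the same vote is tallied once from live balances and once from balances checkpointed at a snapshot block taken before voting opens. The ledger class, account names, block numbers, balances and the two-thirds threshold are all constructed assumptions.

```python
from bisect import bisect_right

class StalkLedger:
    """Toy governance-token ledger: per-account (block, balance) checkpoints."""

    def __init__(self):
        self.history = {}  # account -> ([blocks], [balances])

    def set_balance(self, account, block, balance):
        blocks, balances = self.history.setdefault(account, ([], []))
        if blocks and blocks[-1] == block:
            balances[-1] = balance  # a later change in the same block overwrites
        else:
            blocks.append(block)
            balances.append(balance)

    def live(self, account):
        """Balance at the instant of the call (what a naive tally reads)."""
        balances = self.history.get(account, ([], []))[1]
        return balances[-1] if balances else 0

    def balance_at(self, account, block):
        """Balance as of the end of `block` (checkpoint lookup)."""
        blocks, balances = self.history.get(account, ([], []))
        i = bisect_right(blocks, block)
        return balances[i - 1] if i else 0

def passes(ledger, yes_voters, read):
    """True if yes-votes exceed two thirds of supply (assumed threshold)."""
    yes = sum(read(a) for a in yes_voters)
    total = sum(read(a) for a in ledger.history)
    return total > 0 and yes * 3 > total * 2

def run_scenario():
    ledger = StalkLedger()
    for account, balance in (("alice", 400), ("bob", 300), ("carol", 300)):
        ledger.set_balance(account, 100, balance)  # constructed long-term holders
    snapshot_block = 150  # voting power frozen here, before voting opens
    # Block 200, one transaction: borrowed deposit, vote tallied, loan repaid.
    ledger.set_balance("borrower", 200, 3000)
    live_ok = passes(ledger, ["borrower"], ledger.live)
    snap_ok = passes(ledger, ["borrower"],
                     lambda a: ledger.balance_at(a, snapshot_block))
    ledger.set_balance("borrower", 200, 0)
    return live_ok, snap_ok

if __name__ == "__main__":
    print(run_scenario())
```

The live read lets a balance that exists only inside one transaction carry the vote, while the snapshot read gives it zero weight and leaves long-term holders' voting power unchanged.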
Meanwhile, in a Discord meeting earlier today, the developers reportedly doxxed themselves.
Similarly, in a recent announcement on Discord, the developers revealed their identities, adding that they had no “involvement with, and no prior knowledge of, the attack.”
“I am Benjamin Weintraub, and I am here with Brendan Sanderson and Michael Montoya. We are Publius. We are the individuals who created Beanstalk,” the announcement said.
The developers also claimed that they have contacted the US Federal Bureau of Investigation (FBI) and informed the federal agency’s internet crime center of the attack, adding that:
“We intend to fully cooperate with the FBI to track down the perpetrators, and hopefully recover everything that was stolen.”
Nevertheless, the project needs some big investment to replenish liquidity in order to move forward. According to Mark Jeffrey, an award-winning author and serial entrepreneur, a USD 50m infusion could help the project resume functions.
“For a VC or whale who missed out on LUNA and still believes this could be big stablecoin protocol, there’s a unique opportunity to swoop in and re-power it — and own a ton of it,” Jeffrey said.
Combined with a form of fusion … no wait, that's the Matrix.— Mark Jeffrey (@markjeffrey) April 18, 2022
Combined with less liquidity than $50M … say, $10M or $20M …. plus the podline, it's potentially doable.
I do think they'd need SOME new liquidity investment. A full cold reboot? No way.