Beanstalk Hacker Drains USD 182M from Project, But Nets Only USD 80M

Ruholamin Haqshanas

Beanstalk, a decentralized credit-based stablecoin protocol, fell victim to a flash-loan attack over the weekend that saw the protocol exploited for USD 182m worth of crypto. However, the attacker managed to cash out ‘only’ USD 80m.

According to blockchain security firm PeckShield, the attacker ran away with ETH 24,830 and the protocol’s stablecoin BEAN 36m, among others. 

After the swap, BEAN lost its dollar peg, which could explain why the attacker netted much less.

At 7:20 UTC on Monday morning, BEAN, the 787th coin by market capitalization, is trading at USD 0.298, down 70.5% over the past 24 hours and more than 70% over the week, a far cry from its target peg of USD 1.

BEAN 7-day price chart. Source: coingecko.com

Per the PeckShield alerts account, the stolen USD 80m has been laundered via the coin mixing tool Tornado Cash.

The address marked as the “Beanstalk Flashloan Exploiter” currently holds only USD 238.54 worth of ETH. 

In a Sunday post, Publius, an admin of Beanstalk’s Discord server, detailed that the hack happened after the attacker took out a flash loan from decentralized finance (DeFi) lending protocol Aave and accumulated a large amount of Beanstalk’s native governance token, Stalk.

After gaining a Stalk position of more than 67%, the attacker was able to pass a malicious governance proposal that transferred all assets in the Beanstalk contract to their wallet.

“Beanstalk did not use a flash loan resistant measure to determine the % of Stalk that had voted in favor of the [improvement proposal],” they added. “This was the fault that allowed the hacker to exploit Beanstalk.”
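
The fault Publius describes, as an added Python model (not Beanstalk's contract code and not part of the original article): vote weight read from live balances counts tokens held only for the length of one transaction, while weight read from a snapshot taken before voting opened does not. The holders, amounts, block numbers and the 0.67 threshold are constructed for illustration.

```python
from bisect import bisect_right

THRESHOLD = 0.67  # assumed supermajority, taken from the "more than 67%" figure above

class Ledger:
    """Governance-token balances checkpointed per block (constructed toy model)."""
    def __init__(self):
        self.block = 0
        self.history = {}  # holder -> [(block, balance), ...] in block order

    def set_balance(self, holder, amount):
        self.history.setdefault(holder, []).append((self.block, amount))

    def balance_at(self, holder, block):
        # Last checkpoint written at or before `block`, i.e. the end-of-block balance.
        cps = self.history.get(holder, [])
        i = bisect_right(cps, (block, float("inf")))
        return cps[i - 1][1] if i else 0

    def total_at(self, block):
        return sum(self.balance_at(h, block) for h in self.history)

def share_live(ledger, voters):
    """Flawed check: reads balances as they stand mid-transaction."""
    b = ledger.block
    return sum(ledger.balance_at(v, b) for v in voters) / ledger.total_at(b)

def share_snapshot(ledger, voters, snapshot_block):
    """Resistant check: reads end-of-block balances from before voting opened."""
    return (sum(ledger.balance_at(v, snapshot_block) for v in voters)
            / ledger.total_at(snapshot_block))

def scenario():
    ledger = Ledger()
    ledger.block = 100                    # constructed sample holders
    ledger.set_balance("alice", 600)
    ledger.set_balance("bob", 400)
    snapshot = ledger.block               # proposal created, weights frozen here
    ledger.block = 101
    ledger.set_balance("borrower", 2100)  # stake acquired with borrowed funds
    live = share_live(ledger, ["borrower"])
    snap = share_snapshot(ledger, ["borrower"], snapshot)
    ledger.set_balance("borrower", 0)     # loan repaid within the same block
    return live > THRESHOLD, snap > THRESHOLD, ledger.balance_at("borrower", 101)

if __name__ == "__main__":
    print(scenario())
```

The live check passes the threshold while the snapshot check does not, and the borrowed position is already zero at the end of the block in which it was used.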

Meanwhile, in a Discord meeting earlier today, the developers reportedly doxxed themselves.

Similarly, in a recent announcement on Discord, the developers revealed their identities, adding that they had no “involvement with, and no prior knowledge of, the attack.”

“I am Benjamin Weintraub, and I am here with Brendan Sanderson and Michael Montoya. We are Publius. We are the individuals who created Beanstalk,” the announcement said.

The developers also claimed that they have contacted the US Federal Bureau of Investigation (FBI) and informed the federal agency’s internet crime center of the attack, adding that: 

“We intend to fully cooperate with the FBI to track down the perpetrators, and hopefully recover everything that was stolen.”

Nevertheless, the project needs a large investment to replenish liquidity in order to move forward. According to Mark Jeffrey, an award-winning author and serial entrepreneur, a USD 50m infusion could help the project resume functions.

“For a VC or whale who missed out on LUNA and still believes this could be big stablecoin protocol, there’s a unique opportunity to swoop in and re-power it — and own a ton of it,” Jeffrey said.
