DeFi Protocol Qubit Finance Hacked, Lost $80 Million

Friday, 28/01/2022 | 08:08 GMT by Arnab Shome
  • Hackers exploited the deposit function to mint unlimited xETH.
  • It was the seventh-largest attack on any DeFi platform.
cybersecurity

Qubit Finance, a Binance Smart Chain-based decentralized finance (DeFi) protocol, was recently attacked, resulting in the theft of more than $80 million worth of cryptocurrencies , the team behind the project confirmed on Friday.

The developers detailed that the attackers minted an unlimited amount of xETH without depositing enough collateral to borrow on the blockchain.

Qubit is a DeFi protocol that allows users to borrow loans against crypto collateral for fixed interest rates. Additionally, the protocol functions across blockchains, and thus allows borrowers to collateralize their assets without moving them from chain to chain. The protocol does not have any central authority and functions using smart contracts.

The blockchain analytics firm, Peckshield, pointed out that the attack resulted in the draining of 206,809 Binance coins (BNB) from wallet addresses connected to Qubit’s QBridge protocol.

The attacker used the deposit function in QBridge and tricked the protocol without sufficient deposit to illicitly mint 77,162 qXETH. These steps were repeated several times.

“In summary, the deposit function was a function that should not be used after deposit ETH was newly developed, but it remained in the contract,” the Qubit team wrote in an official report. The team is still monitoring the compromised assets and is cooperating with security and network partners, including Binance.

As a security measure, the developers disabled most of the functions of the protocol including supply, redeem, borrow, repay, bridge and bridge redemption, but claiming is still available.

Vulnerabilities in DeFi

DeFi is seen as the real decentralized challenger to the existing banking industry. But, despite the promises, this protocol remains extremely vulnerable to security breaches. Over recent months, several DeFi platforms like Grim Finance, Cream Finance, pNetwork have been hacked.

The latest attack on Qubit was the seventh-largest crypto theft- based on the fiat value, from any DeFi platform to date. As a result, the market value of Qubit’s QBT token slipped by almost 25 percent in the past 24 hours.

Qubit Finance, a Binance Smart Chain-based decentralized finance (DeFi) protocol, was recently attacked, resulting in the theft of more than $80 million worth of cryptocurrencies , the team behind the project confirmed on Friday.

The developers detailed that the attackers minted an unlimited amount of xETH without depositing enough collateral to borrow on the blockchain.

Qubit is a DeFi protocol that allows users to borrow loans against crypto collateral for fixed interest rates. Additionally, the protocol functions across blockchains, and thus allows borrowers to collateralize their assets without moving them from chain to chain. The protocol does not have any central authority and functions using smart contracts.

The blockchain analytics firm, Peckshield, pointed out that the attack resulted in the draining of 206,809 Binance coins (BNB) from wallet addresses connected to Qubit’s QBridge protocol.

The attacker used the deposit function in QBridge and tricked the protocol without sufficient deposit to illicitly mint 77,162 qXETH. These steps were repeated several times.

“In summary, the deposit function was a function that should not be used after deposit ETH was newly developed, but it remained in the contract,” the Qubit team wrote in an official report. The team is still monitoring the compromised assets and is cooperating with security and network partners, including Binance.

As a security measure, the developers disabled most of the functions of the protocol including supply, redeem, borrow, repay, bridge and bridge redemption, but claiming is still available.

Vulnerabilities in DeFi

DeFi is seen as the real decentralized challenger to the existing banking industry. But, despite the promises, this protocol remains extremely vulnerable to security breaches. Over recent months, several DeFi platforms like Grim Finance, Cream Finance, pNetwork have been hacked.

The latest attack on Qubit was the seventh-largest crypto theft- based on the fiat value, from any DeFi platform to date. As a result, the market value of Qubit’s QBT token slipped by almost 25 percent in the past 24 hours.

About the Author: Arnab Shome
Arnab Shome
  • 6613 Articles
  • 97 Followers
About the Author: Arnab Shome
Arnab is an electronics engineer-turned-financial editor. He entered the industry covering the cryptocurrency market for Finance Magnates and later expanded his reach to forex as well. He is passionate about the changing regulatory landscape on financial markets and keenly follows the disruptions in the industry with new-age technologies.
  • 6613 Articles
  • 97 Followers

More from the Author

CryptoCurrency

!"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|} !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|}