Help
The cross-chain bridge of Decentralized Finance (DeFi) protocol Qubit Finance, X-Bridge has been hacked and the amount of funds lost in the process amounts to nearly $80 million. This is the biggest DeFi hack as of now in 2022.
“Logical error” in X-Bridge contract
As per the official medium blog which explained the entire scenario, there was a “logical error” in the smart contract of X-Bridge. Qubit said in the blog that the hackers took advantage of the QBridge deposit function.
The X-Bridge is a bridge that can be used to send ERC-20 tokens and receive BEP-20 tokens in return. In short, it facilitates the swapping of cryptocurrencies across Ethereum and the Binance Smart Chain.
Furthermore, CertiK, a blockchain audit and security firm, also explained the entire hack procedure in another Medium blog in which the attacker ended up with a total of 77,162 qXETH which amounts to somewhere around $185 million.
qXETH used as collateral
The X-Bridge attacker used the 77,162 qXETH as collateral and borrowed other tokens from the lending pools which were worth $80 million. These assets include 15,688 wETH ($37.6 million), 767 BTC-B ($28.5 million), around $9.5 million worth of various Stablecoins, and about $5 million worth of CAKE, MDX, and BUNNY tokens.
While the X-Bridge attacker actually made the attack worth $185 million, they were able to obtain only $80 million in profit. The actions taken by the team include tracking the explorer and “cooperating with security and network partners, including Binance.”
The protocol exploit report from Qubit Finance said that the development team is taking actions and added: “Supply, Redeem, Borrow, Repay, Bridge, and Bridge redemption functions are disabled until further notice. Claiming is available.”
Post a Comment