$ 182 million stolen by hackers

Dbooklets have long been the order of the day in the Bitcoin & Co world. Anonymous currencies, which promise huge price increases and lead to gigantic nominal values, naturally arouse great desire. They attract many fortune hunters who hope to jump on the bandwagon in time and forget to secure their newfound fortunes. The young fintechs who run the cryptocurrencies are often just as poorly secured. This creates a playground for talented hackers.

Now the young crypto exchange Beanstalk – which has only existed for a few months – has been captured. The operators have publicly admitted the theft. One of the founders said to the “Vice” platform: “We are fucked”, which in everyday speech describes the situation: “We are screwed”.

In 13 seconds to $ 182 million

The path taken by the thieves at Beanstalk is very unusual. The newly formed crypto exchange operated with its own digital currency, a so-called stablecoin called “Bean”. Its value should be kept stable at one dollar by means of user deposits. But as is usual with decentralized blockchains, the same users can decide on changes to the code, which in turn is the technical basis of the digital currency. You get as many shares as you own units of the digital currency. Anyone who holds about 1 percent of all “Prayers” also has 1 percent of the voting rights.

That’s exactly what the hackers took advantage of. In the first step, they borrowed nearly a billion dollars in various digital currencies via a kind of “quick loan”. With that money, they immediately gained a two-thirds majority in Bean and thus two-thirds of the voting rights. They then decreed that all $ 182 million deposits should be transferred to themselves. According to technology portal “The Verge”, what sounds like a complex operation took only 13 seconds. After repaying the quick loan and fees, the hackers still had $ 80 million left.

Legally complicated

The Beanstalk team has no choice but to appeal to the thieves. If they paid 90 percent of the $ 80 million back, they could keep the other 10 percent as a sort of finder’s fee to uncover the vulnerability.

However, it will also be difficult to deal with the case legally. Strictly speaking, it was not a security hole at all. The protocol was not secure against a short-term takeover because the founders of Beanstalk simply did not foresee such an attack.

There are always cases like this in the crypto world. The most well-known case recently was a $ 650 million gigantic theft: Players of the game Axie Infinity, which is popular in Asia, were particularly affected. The thieves were targeting so-called bridge software. This is used to exchange in-game cryptocurrencies for other digital currencies.

The hack stole 173,600 units of the digital currency Ethereum, the operators of the affected Ronin Bridge announced at the time. The attackers managed to withdraw the digital currencies with hacked crypto keys. Such bridges, which exchange digital currencies with other digital currencies or, as in this case, are used for purchase, have recently become the target of hackers again and again.

Leave a Comment