Ankr Confirms $5M Crypto Hack Was An Inside Job

Ankr says it’s requesting background checks for staff after trillions of crypto tokens were illicitly minted by a rogue former employee

article-image

Furkan Cubuk/Shutterstock modified by Blockworks

share

Crypto startup Ankr says a former employee instigated the $5 million theft from its platform earlier this month.

A malicious hacker exploited a smart contract for one of Ankr’s staking rewards tokens, aBNBc, on Dec. 2. They’d manipulated a bug in its code that enabled unlimited minting of the token, deployed to Binance-branded BNB Chain.

In a Tuesday blog, the decentralized finance protocol said a former team member was behind the attack. It didn’t name or identify the individual.

“A former team member (who is no longer with Ankr) acted maliciously to conduct a supply chain attack, inserting a malicious code package that was able to compromise our private key once a legitimate update was made,” Ankr said.

Crypto intelligence firm Arkham had already noted the possibility of an inside job after on-chain sleuths linked related transactions to an Ankr deployer.

Ankr added: “Unfortunately, internal bad actors can affect any protocol and we are working on shoring up internal HR processes and safety measures to strengthen our security posture going forward.” 

The team is now working with law enforcement to potentially prosecute the former team member.

Previously, Ankr explained the attacker “minted an excess of aBNBc out of thin air” by uploading a new contract that allowed minting without authorization checks. They proceeded to swap it for other tokens on decentralized exchanges. 

Overall, the attacker minted 60 trillion aBNBc across six transactions. They swapped some for USDC before bridging the stablecoins to Ethereum and washing them through crypto mixer Tornado Cash.

Ankr reimbursed affected users with crypto

Shortly after the Ankr hack, a second exploit occurred on staking platform Helio, which hadn’t updated Ankr-related token prices despite aBNBc dropping more than 99%, from $303 to $1.54.

This allowed one user to borrow $16 million worth of its native stablecoin HAY by using affected Ankr tokens as collateral. They then swapped those funds for $15 million in BinanceUSD (BUSD), according to blockchain analysis firm BlockSec, before sending the haul onto Binance.

Ankr later executed a recovery plan for the community, which involved compensating its liquidity providers, lenders and other users affected by the exploit. 

The team also helped stabilize HAY after the stablecoin depegged, although the token is yet to fully regain its intended dollar value, now trading at a touch over $0.99.

In any case, Ankr hopes multi-sig authentication for updates will ensure similar attacks are avoided moving forward. The team is also implementing background checks for employees and reviewing access rights.


Get the day’s top crypto news and insights delivered to your email every evening. Subscribe to Blockworks’ free newsletter now.


Want alpha sent directly to your inbox? Get degen trade ideas, governance updates, token performance, can’t-miss tweets and more from Blockworks Research’s Daily Debrief.


Can’t wait? Get our news the fastest way possible. Join us on Telegram and follow us on Google News.


Tags

upcoming event

MON - WED, MARCH 18 - 20, 2024

Digital Asset Summit (DAS) is returning March 2024. This year’s event will be held in our nation’s capital, where industry leaders, policymakers, and institutional experts will come together to discuss the latest developments and challenges in the ever-evolving world of cryptocurrency. […]

upcoming event

MON - WED, SEPT. 11 - 13, 2023

2022 was a meme.Skeptics danced, believers believed.Eventually, newcomers turned away, drained of liquidity and hope.Now, the tide is shifting and it’s time to rebuild. Permissionless II is the brainchild of Blockworks and Bankless. It’s not just a conference, but a call […]

recent research

Cosmos Hub: ATOM Economic Zone

Research

Replicated Security, the Hub’s Validation-as-a-Service offering that went live in March, is the first step in bringing value accrual to ATOM stakers.

/

article-image

Bitcoin price predictions are meaningless, so let’s expend our prediction energy on something that actually matters

article-image

A new complaint against Elon Musk and Tesla alleges that Musk manipulated both bitcoin and dogecoin

article-image

Kenya’s central bank doesn’t seem enamored by the idea of a CBDC but hasn’t slammed the door shut yet

article-image

Both Ethereum and Solana have enjoyed vibrant DeFi environments, but this has not yet been the case for Cosmos

article-image

As Japan takes important step forward on stablecoins, industry participants say, proposed US laws around such crypto assets remain in flux

article-image

Stablecoins offer global financial access and on-chain transactions without limitations, while FedNow falls short in terms of utility, global reach and inclusivity