High-profile hacks have become more common in the cryptocurrency market, and Qubit Finance is one of the latest decentralized finance (DeFi) protocols being used by hackers.
Hackers were able to access and steal over $80 million from Qubit Finance, which is based on Binance Smart Chain, a protocol confirmed on Twitter on Friday. The addresses associated with the attack stole 206,809 Binance Coins (BNB) from the Qubit QBridge protocol. At the time of writing, the assets were valued at over $80 million.
@QubitFin just got hacked for $80 million?
QBridge was hacked to create a “huge amount of xETH collateral,” which was subsequently used to drain the entire amount of BNB held on Q Bridge, according to PeckShield, which analyzed Qubit smart contracts.
In a report from security firm CertiK, an attacker used the deposit option in the QBridge contract to illegally mint 77,162 qXETH, which is an asset representing Ethereum connected via Qubit. Protocol was fooled into believing that the attackers had deposited money when they had not.
According to CertiK, the hacker performed these steps multiple times and converted all assets to Binance Coin as a result. According to DeFiYield Rekt, this makes the exploit the seventh largest in DeFi.
Related: Crypto.com shares details of security breach: 483 accounts compromised
The Qubit team has sent out a statement to notify customers that they are still monitoring the hacker and his affected assets. The blog also notes that we contacted the attacker to offer the maximum reward determined by his program. The team has since disabled the Supply, Redeem, Borrow, Repay, Bridge, and Bridge Redemption features until further notice. However, they indicated that a claim is available.
pic.twitter.com/G1WOMglVUU — Qubit Finance (@QubitFin) January 28, 2022
Hacks, hacks, and protocol exploits are all prevalent in the cryptocurrency sector. Earlier this month, decentralized financial security platform and bug-finding service Immunefi reported that cybercrime losses exceeded $10.2 billion in 2021. On January 17, popular cryptocurrency exchange Crypto.com suffered nearly $34 million in losses as a result of a security breach.
