Ankr successfully patches hack, will reimburse victims and take actions to prevent further attacks

abdelaziz Fathi

DeFi protocol Ankr plans to reimburse its affected users after a hacker managed to exploit a bug in its code that allowed for unlimited minting of its liquid staking token.

The team behind the BNB Chain-based protocol wrote a blog post that described in detail exactly what happened and the primary steps they are taking to proactively prevent attacks from happening in the future. 

Ankr identified the exploit on December 1, which came from vulnerabilities in the smart contract code. Specifically, the malicious actors gained access to the team’s developer private key and altered the smart contract for its BNB liquid staking token (aBNBc). 

The team further explains that the hack allowed the exploiters to deploy a new version of aBNBc smart contract, which gave them the ability to mint about 60 trillion coins while bypassing verification. Then, the attacker swapped the minted aBNBc tokens, which represents a staked version of BNB token, for USDC stablecoin and moved them off Binance chain onto Ethereum and funneled through crypto mixer Tornado Cash. 

According to the post, Ankr estimates the damage to be $5 million worth of BNB across liquidity pools in various DEXes. At this stage, they are identifying liquidity providers that have been affected by the exploit due to the drainage of liquidity pools. Next, Ankr will purchase $5 million worth of BNB and use this to compensate the victims.

“Thanks to the fast actions from the Ankr team and various protocols, we were able to minimize any damage done extremely quickly. Hacks and exploits from bad actors like this are an unfortunate possibility in Web3, even with every attention to detail in security processes – but we were well prepared. Unlike previous events in the space this year, we are doing the right thing by our community and ensuring that this is taken care of immediately with lost funds restored,” said Chandler Song, Co-Founder & CEO at Ankr.

What are the next steps for Ankr?

In an announcement to its community, Ankr emphasized that they will discontinue aBNBc and aBNBb tokens with immediate effect. Instead, new ankrBNB tokens will be minted and airdropped to affected users. This is by far the most important security measure, as the attack solely affected aBNBc, and other tokens were safe. 

To do that, Ankr is currently going through the process of taking a snapshot to airdrop the newly-released ankrBNB tokens to affected users based on the balances they had before the exploit. 

Meanwhile, Ankr alerted all users not to trade aBNBc or speculatively buy it at a discount. After proper identification, they just need to wait for the ankrBNB airdrop, which will be proportional to the amount of aBNBc and aBNBb that pre-hack users held. 

The attack on Ankr was relatively small in comparison with other recent attacks on DeFi projects, which have seen more than $3 billion stolen from various crypto protocols so far in 2022.

While the protocol has been through a few dark days, this is a learning experience. Additionally, this action plan is said to allow Ankr to more rapidly restore value to legitimate token holders while also accelerating the planned migration to an upgraded contract.

Read this next

Metaverse Gaming NFT

Despite crypto winter, Fastex grabs $23.2 million in Fasttoken token sale

Fasttoken, part of the Fastex web3 ecosystem, has secured $23.2 million in financing through the private and public token sales of its native cryptocurrency Fasttoken (FTN).

Digital Assets

Iran to repay Russian debts in gold-backed stablecoins

A high-ranking member of the Russian parliament confirmed reports that his country was in talks with Iran to create a stablecoin for foreign trade settlements, to replace the dollar, ruble and Iranian rial.

Digital Assets

SEC denies Cathie Wood’s bitcoin ETF for second time

The approval of a regulated crypto derivative is still looking far less likely, as the US regulators have once again denied Cathie Wood’s application for a long-awaited spot bitcoin exchange-traded fund (ETF).

Executive Moves

Pavel Spirin promoted to Scope Markets CEO following Rostro acquisition

Belize-based FX and CFDs brokerage Scope Markets has promoted Pavel Spirin to take on an expanded role as the company’s chief executive officer. He replaces the outgoing CEO Jacob Plattner, who has also been a major shareholder since he resigned his position as managing director at GKFX.

Retail FX goes all-in on alternative investing, launches Rare Sneaker Portfolio

“The concept of curated Portfolios means that our members will be able to invest in categories like art, trading cards, royalties, and real estate without needing to become subject matter experts on individual assets.”

Industry News

State Street taps AWS and Microsoft for cloud and infrastructure solutions

“By standardizing and simplifying our technology operating model, we will be able to more quickly deploy client environments and launch new products and services, while continuing to enhance the resiliency of our technology environment and our business operations.”

Institutional FX

Bitpanda launches Investment-as-a-Service business for banks, fintechs, online platforms

“Financial institutions today have to ask themselves how they aim to cater the increasing demand for modern investing solutions. Building these Individually, means a high startup cost, and products that are often outdated before they are even launched.”

Institutional FX

Options expands market data feeds after partnership with Tools for Brokers

“Our integration with ACTIV Financial marked the beginning of a new era in market data availability and infrastructure. Our teams have come together to provide unparalleled, fully managed market data services alongside Options’ global connectivity and infrastructure.”

Industry News

Recruitment in financial services sector buoyant despite planned mass layoffs

“It remains to be seen what impact this will have on hiring levels within the financial services arena this quarter”, said APSCo, regarding the expected mass layoffs within the financial services sector in England & Wales.