Qubit Finance, a decentralized money market platform, revealed on Friday that its Ethereum-BSC bridge was exploited on January 28 due to a fault in the bridge’s contract. The intruder stole approximately $80 million in cryptocurrency capital.
“The hacker minted unlimited xETH to borrow on BSC. The team is currently working with security and network partners on next steps,” developers stated in a tweet.
According to domain names linked to the intrusion, 206,809 Binance coins (BNB) were squeezed from Qubit’s QBridge protocol. PeckShield, a security company, clarified in a tweet that the investments are valued at more than $80 million at current prices.
Decentralized finance (DeFi) initiatives like Qubit Finance use smart contracts rather than intermediaries to provide customers with financial services such as trading, lending, and borrowing.
The scammer stole approximately $80 million in revenue. wETH ($37.6 million), 767 BTC-B ($28.5 million), roughly $9.5 million in stablecoins, and about $5 million in CAKE, BUNNY, and MDX are among the funds stolen . At the moment of writing , all of the seized money was already in the hackers’wallet.
While the stolen funds are now being tracked, Qubit stated that it has tried contacting the hacker and promised the maximum reward allowed by their program. The team noted that they have been working with Binance and security collaborators on this issue. Till further notice, all operations of Qubit’s bridge have been postponed.
According to PeckShield, which assessed Qubit’s smart contracts, the QBridge was accused of hacking to generate a “huge amount of xETH collateral,” which can then be used to deplete the total amount of BNB held on QBridge.
The event report that was published by security company CertiK said that the attacker was using a deposit function in the QBridge contract to generate 77,162 qXETH, a capital that reflects ether bridged via Qubit. Intruders fooled the protocol into believing they had deposited funds while they had not.
These measures were repeated multiple times, and the hacker then transformed all of the funds to BNB, according to a tweet from CertiK.
Crypto targeted frauds, and cyber-attacks resume advancing
Crypto-targeted cybercrimes are becoming more common. Such breaches have been plaguing the crypto industry for quite some time. Immunefi, a decentralized finance security firm, recently claimed that in 2021, hackers could have stolen more than $10.2 billion.
As per the survey, over 120 feats were “successfully” conducted out on cryptosystems the year before. The Poly Network suffered a massive loss, estimated at $613 million, which in itself is significant for a single platform.
Spike In Money Laundering threats in Crypto industry
Fraudsters investigate several cryptocurrency facilities for their fraud and money laundering, and according to the research, DeFi appears to be the preferred platform for the majority of such unlawful and illicit activities. Earlier, most funds sent to criminal addresses were received by central exchanges. However, in 2021, DeFi became their favored service, receiving 17% of all finances sent from unauthorized wallets.
With a total inflow of $900 million in 2021, the overall value obtained by DeFi protocols from fraudulent addresses has increased by 1,964 % annual growth.
Aside from DeFi, mining pools, slightly elevated exchanges, and mixers all saw significant rises in price garnered from illicit domain names.
Bitcoin: Crypto with Lowest Unlawful Value Acquired
Criminals just use a few crypto coins in their transactions, as they target the specific crypto services for their fraudulent financial transactions. Whereas Altcoins obtained the significant proportion of all illicit transactions, Bitcoin earned the least.
“Bitcoin’s money-laundering activity is the least concentrated by far. The 20 biggest money-laundering deposit addresses receive just 19 percent of all Bitcoin sent from illicit addresses,” states the analysis.
The Bottom Line
DeFi is regarded as a genuine decentralized contender to the current financial sector. Nonetheless, amidst the assurances, these protocols are immensely susceptible to hackers. Many such DeFi platforms, including Grim Finance, Cream Finance, and pNetwork, have been hacked in recent months.
The most recent Qubit invasion was the seventh-largest crypto thievery on fiat value from any DeFi framework to date. Consequently, the valuation of Qubit’s QBT token has dropped by nearly 25% in the last two days.