Hackers withdrew $80 million from the pool of the DeFi platform Qubit Finance

Hackers withdrew $80 million from the pool of the DeFi platform Qubit Finance

The Qubit Finance landing platform based on Binance Smart Chain (BSC) has been subjected to a hacker attack. According to PeckShield, the attackers removed digital assets worth about $80 million from the project pool.

Analysts noted that hackers took advantage of the QBridge cross-chain service exploit, which allowed them to issue a “huge” number of xETH tokens. The latter were used to secure an illegitimate loan on the platform.

PeckShield stressed that they conducted an audit of smart contracts related to the landing component of the project. They did not check the QBridge codebase.

The Qubit Finance DeFi platform allows you to take loans secured by digital assets.

The QBridge solution provides an opportunity to use cryptocurrencies outside of BSC to secure loans. At the same time, they do not need to be moved from one blockchain to another.

CertiK explained that the exploit allowed attackers to release xETH without actually making a deposit. Then they converted the assets into BNB.

The address associated with the attack contains 206,809 BNB — more than $79.23 million at the exchange rate at the time of writing.

The project team confirmed the information about the hack. The developers contacted the hackers and offered them a reward to “minimize” the negative effect on the community.

According to the project’s blog, its tem monitors the actions of intruders and “controls the affected assets.” Developers collaborate with security partners, including Binance representatives. Most of the platform’s functions are temporarily disabled.

Against the background of the incident, the price of the Qubit project token (QBT) collapsed by 26%, according to CoinGecko.

Recall that in December 2021, hackers withdrew $30 million in digital assets from the Grim Finance DeFi platform.

Security