LUCKNOW (CoinChapter.com) – BNB hacker involved in the theft of nearly $600 million last year has lost funds of $60 million in collateral on the Venus Protocol’s borrowing and lending platform. Security firm PeckShield was the first to report the extensive collateral liquidation.
The hacker had pledged stolen funds as collateral to secure a substantial $30 million USDC loan through Venus Protocol. However, a sudden surge in bond yields within the past 24 hours caused a catastrophic surge in digital asset values. This rendered the loan undercollateralized and forced the liquidation of the pledged assets.
As the value of BNB dropped below $220, Venus Protocol’s smart contracts sprang into action. This led to the liquidation process, resulting in the liquidation of three loans worth $148 million. The hacker had deposited 900,000 BNB ($198 million) as collateral to borrow various stablecoins, including USDC, USDT, and BUSD.
Unlike traditional margin trading, smart contracts act swiftly without warning, avoiding reliance on broker advice. Consequently, investors involved in leveraged or collateralized positions must remain watchful. This prevents their positions from falling below a protocol’s minimum threshold.
DeFi Vulnerabilities Exposed
The individual(s) responsible for the theft of $568 million BNB after hacking the BSC Token Hub bridge in October remain elusive.
However, this attack aligns with similar incidents from 2022 attributed to Lazarus, a North Korean cybercrime group suspected of funneling proceeds into a government nuclear program. The surge in these bridging attacks underscores the vulnerabilities within the Decentralized Finance (DeFi) sector.
Bridges, which facilitate the seamless transfer of tokens across different blockchains, play a pivotal role in the DeFi ecosystem. Functioning as smart contracts, these bridges lock tokens from a source blockchain and generate their equivalent on the destination blockchain.
Despite their convenience, bridge creators are vulnerable to security flaws due to the absence of legal requirements mandating smart contract audits. Malicious actors can exploit these vulnerabilities to access locked funds.
It is noteworthy that the centralized nature of bridges can offer a degree of containment when responding to breaches. In a proactive move following last year’s hack, Binance took decisive action by suspending its Smart Chain and freezing $7 million worth of the stolen assets.
