Beanstalk loses 23 billion yen due to frequent flash loan attacks on DeFi (decentralized finance) platform
Beanstalk Governance Exploit | Beanstalk
https://bean.money/blog/beanstalk-governance-exploit
DeFi Project Beanstalk Loses $182 Million in Flash Loan Attack - Bloomberg
https://www.bloomberg.com/news/articles/2022-04-18/defi-project-beanstalk-loses-182-million-in-flash-loan-attack
Beanstalk cryptocurrency loses $182m of reserves in flash 'attack' | Cryptocurrencies | The Guardian
https://www.theguardian.com/technology/2022/apr/18/beanstalk-cryptocurrency-loses-182m-of-reserves-in-flash-attack
Beanstalk cryptocurrency project robbed after hacker votes to send themself $182 million - The Verge
https://www.theverge.com/2022/4/18/23030754/beanstalk-cryptocurrency-hack-182-million-dao-voting
The attacker used one of the characteristic mechanisms of DeFi, a 'flash loan', which lets a borrower take out and repay a loan within a single transaction without collateral or interest.
According to Beanstalk, the attacker used a flash loan to transfer about $76 million in user assets to the attacker's wallet at around 12:24 Coordinated Universal Time.
PeckShield, which handles security and data analysis related to blockchain, estimates that the attacker gained more than $80 million (about 10.3 billion yen) and that the total damage is larger still. News sites such as Bloomberg, The Guardian, and The Verge report a total of $182 million.
Hi, @BeanstalkFarms , you may want to take a look: https://t.co/wyHe3ARZgU
— PeckShield Inc. (@peckshield) April 17, 2022
1/ The @BeanstalkFarms was exploited in a flurry of txs ( https://t.co/PMsdP5dnJG and https://t.co/wyHe3ARZgU ), leading to the gain of $80+M for the hacker (The protocol loss may be larger), including 24,830 ETH and 36M BEAN.
— PeckShield Inc. (@peckshield) April 17, 2022
2 / The hack is made possible due to the flashloan-assisted (immediate) pass of BIP18, which was submitted one day ago ( https://t.co/4TocPkMna0 ). The BIP18 leads to the crafted code execution with the governance privilege to drain the pool fund. pic.twitter.com/qLYk7jhTCG
— PeckShield Inc. (@peckshield) April 17, 2022
3 / To illustrate, we use the hack tx and show the key steps below pic.twitter.com/9N71BvQfGb
— PeckShield Inc. (@peckshield) April 17, 2022
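The mechanism described in the thread above, as an added toy model (not Beanstalk's contract code and not PeckShield's analysis): voting weight read from live balances at execution time can be supplied by a flash loan, while weight read from a snapshot taken when the proposal was filed cannot. The class and function names, the 2/3 threshold and all balances are assumptions constructed for illustration.

```python
from dataclasses import dataclass, field

SUPERMAJORITY = 2 / 3  # assumed threshold for this toy model


@dataclass
class Governance:
    staked: dict                      # live voting stake per address
    treasury: int                     # funds a passed proposal can move
    snapshots: dict = field(default_factory=dict)  # block -> copy of stake

    def propose(self, block):
        """Record the stake distribution at the block the proposal is made."""
        self.snapshots[block] = dict(self.staked)

    def execute(self, voter, proposal_block, use_snapshot):
        """Run the proposal payload if `voter` alone holds a supermajority.

        Returns the amount moved out of the treasury (0 if the vote fails).
        """
        ledger = self.snapshots[proposal_block] if use_snapshot else self.staked
        share = ledger.get(voter, 0) / sum(ledger.values())
        if share < SUPERMAJORITY:
            return 0
        moved, self.treasury = self.treasury, 0
        return moved


def flash_loan_vote(gov, borrower, loan, proposal_block, use_snapshot):
    """One atomic transaction: borrow, stake, vote/execute, unstake, repay."""
    gov.staked[borrower] = gov.staked.get(borrower, 0) + loan
    moved = gov.execute(borrower, proposal_block, use_snapshot)
    gov.staked[borrower] -= loan      # the loan is repaid before the tx ends
    return moved


def simulate(use_snapshot):
    # Constructed sample state: two honest stakers, proposal filed at block 1.
    gov = Governance(staked={"alice": 60, "bob": 40}, treasury=1_000)
    gov.propose(block=1)
    moved = flash_loan_vote(gov, "mallory", 10_000, 1, use_snapshot)
    return moved, gov.treasury, gov.staked["mallory"]


if __name__ == "__main__":
    print("live balances :", simulate(use_snapshot=False))
    print("snapshot      :", simulate(use_snapshot=True))
```

With live balances the borrowed stake carries the vote and the treasury is emptied even though the borrower ends the transaction with no stake; with the snapshot the same transaction moves nothing.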
There have already been multiple reports of attacks that abused flash loans: in August 2021, the DeFi platform Cream Finance lost 3 billion yen, and in the first half of 2021 alone the damage from such attacks totaled 52 billion yen.
A hacker steals 3 billion yen worth of virtual currency from the DeFi platform, the damage amount of the same case is over 52 billion yen - GIGAZINE
It is not clear whether this attacker was involved in any of the past attacks. It has been confirmed that the attacker donated $50,000 worth of virtual currency (about 32 million yen) to Ukraine.
4/ The initial funds to launch the hack are withdrawn from @SynapseProtocol and most of the result gains are cryptocurrency to @TornadoCash . Currently 15,154 ETH still stays in the hacker's account. Note the hacker donates 250k USDC to Ukraine Crypto Donation. pic.twitter.com/jBjUJ0JbGj
— PeckShield Inc. (@peckshield) April 17, 2022
in Web Service, Security, Posted by logc_nt