The latest decentralized finance project to suffer at the hands of hackers is Qubit Finance as reports trickle in of large losses.
Details are very thin on the ground at the time of press, but it appears that the Qubit Finance protocol has been exploited.
In the early hours of Jan 28 the team posted a on their Twitter feed stating that a malicious actor had exploited the protocol to mint unlimited tokens on the Smart Chain-based platform:
“The protocol was exploited by; [ address]. The hacker minted unlimited xETH to borrow on . The team is currently working with security and network partners on next steps.”
Qubit suffers $80 million exploit
Blockchain security and smart contract auditing firm PeckShield confirmed the exploit, stating
“It seems the QBridge of @QubitFin is hacked to mint huge amount of xETH collateral and drain the pool funds about $80M. Please note we audited the Qubit lending, not the QBridge!”
The latest update from the protocol team that it continues to track the exploiter and monitor affected assets and has contacted the hacker to offer the maximum bounty.
RugDoc, a feed that monitors DeFi exploits, said that it was the third or fourth time that BSC-based PancakeBunny protocols had been hacked.
According to BSCscan, the address exploiting the protocol had 206,809 BNB ($79.7 million) sitting in it.
CertiK Security reported that the hacker called a deposit function in the QBridge contract but didn’t make a deposit. The Ethereum QBridge captured the deposit event and minted $qXETH for the hacker on BSC.
“The QBridge treats the Deposit event as an event of depositing #ETH because the `deposit` and `depositETH` methods in the #QBridge contract emit the same event.”
Seventh-largest DeFi hack
The process was repeated several times to increase the loot which totaled nearly $80 million, making this hack the seventh-largest according to DeFiYield’s Rekt database
Qubit Finance is a lending protocol optimized to deliver lending as a utility for BINANCE Smart Chain. Its native QBT token has crashed 31% over the past couple of hours and is currently trading at an all-time low of $0.004, down 99.2% from its September all-time high of $0.58.
Last month the Grim Finance protocol lost $30 million in an exploit a week after Brinc Finance was exploited for $1.1 million.
Got something to say? Join the discussion in our Telegram channel.
