Ankr Protocol Becomes Latest DeFi Exploit Victim

2 mins
2 December 2022, 04:18 GMT+0000
Updated by Paolo Besabella
4 December 2022, 13:21 GMT+0000
In Brief
  • As much as $5 million has been stolen.
  • An unlimited minting bug has been exploited.
  • Copycat hackers are still stealing tokens.
  • promo

Updated on Dec. 4, 13:21 UTC

DeFi hackers have been busy while all attention is focused on Sam Bankman-Fried’s interviews. Ankr Procotol has reported an exploit on its platform.

Details are thin on the ground at the moment, but there has been a sizable exploit on Ankr Protocol. On Dec. 2, the development team reported that its aBNB token had been exploited. It added that it was working with exchanges to halt trading.

Ankr also stated that all underlying assets on Ankr Staking were safe at this time, and all infrastructure services were unaffected.

Ankr is a web3 infrastructure provider for the BNB Chain ecosystem. It is a cloud computing platform that distributes idle computing power. Its native ANKR token can be mined by contributing computing power to the network. It also offers a variety of staking and yield-earning options on BEP-20 tokens.

Ankr Unlimited Minting Bug

Blockchain security firm PeckShield reported that the smart contract for the aBNBc token had an unlimited mint bug.

Furthermore, it reported that the Ankr exploiter had transferred 900 BNB worth around $253,000 into Tornado Cash. It had also bridged USDC and ETH to Ethereum, adding that the exploiter currently holds 3,000 ETH (around $3.8 million) and 500,000 USDC.

The hacker currently holds 20 trillion aBNBc, becoming the 13th largest holder of the token. aBNBc is a staking reward token otherwise known as Ankr Reward Bearing Staked BNB.

PeckShield also reported that copycat exploits were occurring as others took advantage of the vulnerability.

The losses have yet to be fully realized, but they’re likely to be in the millions of dollars. Early estimates are around $5 million gained by hackers from washing tokens through various bridges and DEXes.

Furthermore, BeInCrypto reported in October that BNB Chain was at the top of the crypto scam and rug pull list.

Binance Pauses Withdrawals and Freezes Funds in Response

In response to the hack, Binance has taken swift action to protect its users. The cryptocurrency exchange has paused withdrawals from the affected platforms as a precautionary measure, and has also reportedly frozen approximately $3 million in funds that the hacker had attempted to move to a CEX.

Binance CEO Changpeng Zhao says it is not yet clear to him how the hacker was able to gain access to the developer’s private key or what their motivations were for carrying out the attack. The situation is still developing, and Binance will continue to closely monitor the situation and take appropriate action as needed.

ANKR and BNB Prices Slide

Ankr’s native token of the same name lost just 6.6% at the time of the exploit, according to CoinGecko. ANKR fell to $0.0211 but has since managed to recover to $0.0213 at the time of press. The token is already 90% down from its April 2021 all-time high of $0.213.

The Binance BNB token dropped 3.1% on the day in a fall to $288. However, this is in line with a wider crypto market decline today, as most digital assets are in the red at the moment.


BeInCrypto has reached out to company or individual involved in the story to get an official statement about the recent developments, but it has yet to hear back.