Key Takeaways:
- Beanstalk Farms is exploited in a flurry of transactions, leading to the gain of $80M for the Hacker, including 24,830 ETH and 36M BEAN.
So if we compare the amount hacked in this hack with theย Rekt Leaderboard. This hack is the 10th biggest in the history of DeFi. It has even surpassed theย $77.7 M of the AscendEX Network. Below is a quick overview of this project.
Beanstalk Farmsย has described itself as a decentralized credit-based stablecoin protocol.
Here are the links to Hacker’s transactions:ย Link 1 andย Link 2.
The hack is made possible due to the flashloan-assisted (immediate) pass of BIP18, which was submitted one day ago. Here is the link to that transaction:ย Link. The BIP18 leads to the crafted code execution with the governance privilege to drain the pool fund.
In the below image by Peckshield, you can see all the steps performed by the Hacker.
This project was audited byย Omnisciaย Team. They are a decentralized team of experienced, smart contract auditors & developers with deep expertise in building and securing complex decentralized networks and applications.
They were tasked with performing an audit of the Beanstalk codebase and, in particular, their complete stablecoin protocol implementation. Throughout the audit, they were able to pinpoint a significant vulnerability in plot transfers and several potentially exploitable attack vectors. Here is theย linkย to the audit.
As the result of this attack, the price of its native token, i.e. BEAN, is decreased by 100%.
Publius, the discord owner, hasย statedย that the project has no money to carry on, andย its dead.
Hacker has roughly moved around roughly $30M (~9700 ETH) into Tornado Cash. Below is the screenshot of Tornado Cash Transactions.
Hackers have also donated around ~$250k in USDC into Ukraine Crypto Donation. Below is the screenshot of these donations.
