On Sunday, a hacker stole cryptocurrencies valued at $182 million from the decentralized finance (DeFi) project Beanstalk Farms, making it the fourth-largest DeFi hack in history.

The flash loan attack drained $182 million in Ethereum, BEAN stablecoin, and other cryptocurrencies. “The perpetrator used a flash loan to exploit the protocol’s governance mechanism and send the funds to a wallet they controlled,” said a Beanstalk statement in the aftermath of the hack.

The hack came to light a mere two days after the company said it had locked over $150 million in assets on its protocol.

However, the hacker only took home a net profit of approximately $80 million, according to blockchain analytics firm PeckShield, because he needed funds to perform the attack itself. These costs include fees for using a decentralized crypto exchange like Uniswap and the open-source liquidity protocol Aave. According to PeckShield, the hacker used Tornado Cash, which enables privacy in cryptocurrency transactions by concealing the link between a crypto address and its destination.

Beanstalk said it temporarily disabled its protocol governance and paused Beanstalk while it worked on addressing the DeFi exploit.

“Approximately $76 million was stolen from the protocol’s liquidity pools. The team has since burned the remaining Beans in the exploiter contract,” said Beanstalk about the actions it took following the attack. 

The company says it is working on a safer version of Beanstalk, and on Sunday asked users to help: "As a decentralized project, we are asking the DeFi community and experts in chain analytics to help us limit the exploiter's ability to withdraw funds via [centralized exchanges]. If the exploiter is open to a discussion, we are as well."