Another DeFi platform was hacked tonight. A big danger for investors is being overlooked. We will deal with the details of the attack, the losses and all the details. More importantly, we will eliminate the great danger that awaits investors. So, let’s get started.
Bean farms hacked
The attack is caused by a vulnerability in the code of the Beanstalk Farms smart contract. It is known that the total damage is about $ 80 million. Beanstalk Farms, a decentralized credit-based stable coin protocol, uses a Bean token indexed in US dollars on the Ethereum blockchain. Bean investors can earn money in various ways using a smart contract.
So how was the attack carried out?
The hacker received an express loan of $1 billion from AAVE.
A flash loan provided by AAVE costs 0.09% and must be paid as part of the same transaction.
The attacker buys tokens of the Bean and Lust platform with a loan of $ 1 billion. The price balance is broken and overstated.
By establishing a BIP18 contract with this transaction, the attacker seized the privilege of managing a decentralized platform with high Flashloan purchases and managed to empty the pools.
The attacker donated $250,000 of stolen money to Ukraine and began laundering a significant part of it using Tornacash.
Investors are in great danger!
The project shared the following information about the subject and said that a detailed announcement would be published. However, it is clear that they are at the mercy of an attacker from the shares made from their Discord accounts. So it probably looks like the end of the road for Beanstalk Farms.
Investors can often invest in lesser-known DeFi contracts with a high appetite for profit. In the comments to the post of the Beanstalk Farms account, we see that many investors have lost 4-5-digit amounts. Although centralized exchanges such as Binance offer much lower rates of return, they are secure enough not to be hacked due to “vulnerabilities in the code.” All DeFi hacking incidents are due to human errors in written smart contracts.
These systems, which investors trust with their money, are fraught with risks such as closure or attack. We can compare these platforms to time bombs. Investing in less well-known and unreliable platforms only with the motivation of high profits can lead to irreversible losses.