BNB Chain pool Cross-chain solutions provider Allbridge has been hacked for $570,000, according to blockchain security firm Peckshield.

Peckshield first identified the hack and notified Allbridge about the possible manipulation of its swap-related formula. According to the firm, the hacker manipulated the pool swap price by acting as a liquidity provider and a swapper which enabled them to drain the pool of 282,889 BUSD and 290,868 USDT.

Meanwhile, Allbridge confirmed the incident and temporarily shut down the bridge for further investigations.

We are investigating the current situation with the BNB Chain pools.

The bridge has been temporarily shut down during the investigation.

We apologize for the inconvenience.

Another blockchain security firm Certik corroborated reports of the Allbridge exploit. According to the firm, the attacker stole approximately $549,874 by manipulating the liquidity pool’s swap price.

The firm pointed out that the hacker first flashloaned 7.5 million BUSD, swapped two million to BUSD, and deposited five million to the BUSD pool. Then, the attacker changed 500,000 BUSD to USDT and deposited two million USDT to the USDT pool.

Certik detailed how the attacker used these funds to manipulate prices on Allbridge, repay the flashloan, and end up with the stolen funds.

3/ Next, the attacker swapped 40K BUSD for 789,632 USDT at a manipulated price on Allbridge and withdrew 1,995,193 USDT from the USDT pool.

Finally, the attacker swapped 2,786,062 USDT for 2,789,971 BUSD and repaid the flashloan.

In March, 26 crypto projects were hacked for a total loss of $211 million, according to Peckshield. Euler Finance’s March 13 hack was responsible for over 90% of recorded losses.

The other top exploits recorded in the month involved projects like Safemoon, ParaSpace, TenderFi, and Swerve Finance. They were all hacked for over $1 million each, with Safemoon losing $8.9 million to a liquidity pool exploit.

During the period, a malicious player stole 56 Bitcoin ($1.5 million) from General Bytes bitcoin ATMs. The ATM manufacturer said the exploit allowed the attacker to access funds in hot wallets and exchanges. General Bytes has since released a patch to this exploit.

Overall, March was the busiest month for hackers in the current year. For context, hackers stole less than $40 million between January and February, according to DeFillama data.

Meanwhile, the rate of DeFi exploits has considerably declined this year compared to 2022. At the time, several major attacks resulted in the loss of over $4 billion.

The post DeFi Cross-Chain Solution Allbridge Exploited For $570,000 appeared first on BeInCrypto.

Similar to Notcoin - TapSwap on Solana Airdrops In 2024

origin »

235 +