Belt Finance has become the latest Binance smart chain-based decentralized finance, or DeFi, protocol, which makes millions of losses from an opportunistic hacker.
Exploits the Rekt blog, which does the postmortem of Daffy, Having said That an attacker exploited a flaw in the way the protocol’s vault calculates the value of its collateral, which helped “add another notch to the now infamous Flash loan exploit season on BSC”, adding:
“Yet another fork of a fork has been rolled off the conveyor belt and $ 6.3M has fallen directly into the hands of the hacker.”
Rekt revealed that a total of eight flash loans were made on Pancakeswrap for $ 375 million BUSD. BeltBUSD Vault’s “ellipsis” strategy was exploited because it was the lowest subscription strategy on the platform.
Belt Finance uses Optimum Yield Aggregator to offer passive yield generation to depositors. Ellipsis is a decentralized exchange that enables the exchange of stable coins with less slippage on the Binance Smart Chain. The BeltUSD Vault BSC-based protocol also invests capital for produce on Venus, Alpaca and Fortube.
On May 30, Sushi Swap Core developer Mudit Gupta posted a Twitter Thread Investigating the incident, Flash Lone described the attack as one of the “more complex hacks”.
The belt’s vaults operate with a target balance for each strategy employed, he explained. When a user deposits money in a vault, capital is allocated to the strategy with the lowest membership. When someone withdraws money from the vault, he withdraws it from the most heavily subscribed strategy.
Gupta insisted that the attacker exploited the system to perform multiple transactions in a number of strategies, inflating the value of his pool before paying off flash loans, and generating more than $6 million in profits. Gupta concluded:
“Originally, the problem occurred because the belt incorrectly integrated with ellipsis. One such case also occurred last month at Belt Finance but at the time, the problem was buggy integration with Venus. I’m surprised. Is there any bug-free integration in the belt. “
Venus is another BSC protocol for lending and borrowing through the mining of synthetic stablocks.
Belt Finance is the latest in a long list of BSC DeFi protocols to be exploited. On May 28, BurgerSwap DEX was attacked resulting in a clearance of $ 7.2 million.
So far this year, Cream Finance, Bearn, Boggd Finance, Uranium Finance, Meerkat Finance, Safemoon and Spartan Protocol have all faced exploitation on the Binance smart chain. Binance is now changed Blockchain Intelligence Company ciphertrace for analytics support To reduce further intrusions.