15 Feb 2025

light mode

Hacking the ANKR platform: the damage can be many times greater

Hacking the ANKR platform: the damage can be many times greater

Tonight, an unknown hacker took advantage of a vulnerability in the ANKR protocol and illegally issued 10 trillion aBNBc wrapped tokens.

On this page

After the exploit, 2 hackers were able to make a fortune (officially).

The first one sold an aBNBc “pack”, thus clearing the liquidity pool on the Pancake Swap decentralized exchange. The income from the manipulation amounted to $ 5 million. The second hacker was more cunning.

Following the aBNBc collapse, he bought 180K aBNBc for 10 BNB, exchanged them for Helio protocol hBNB and used them as collateral to take a loan in the project’s stablecoin. Then he exchanged $16 million units of this stable for BUSD, leaving his 10 BNB as collateral. In the end, loss – $3K, profit – $16 million.

Hacks are becoming the norm

There are several ways to hack a decentralized protocol:

  • Withdraw the trading pair liquidity, if it is not blocked;
  • Issue billions of new tokens (using a bug in a smart contract) to sell them at a market price;
  • Redeem the collapsed token, then take a huge loan with it;
  • Redeem the token and, using the bridge, transfer the coins to another network, later selling at the original token’s market rate.

The last 2 ways are actually an arbitrage opportunity. While the exchanges and the affected projects did not have time to react to the hack, hackers bought tokens for a penny and sold them close to the market price in a couple of clicks.

pGALA opens Pandora's Box

To explain the ANKR hack, let's remember the recent GALA token exploit on the BSC network. A month ago, a hacker attacked pNetwork and issued trillions of pGALA tokens, after which he successfully sold them on DEX exchanges. But, as with aBNBc, that was not the hack’s goal.

Due to platforms being disorganized, the GALA entry into the BSC network on some exchanges was open for as long as 30-40 minutes after the hack. Ordinary users bought a coin 100 times cheaper than the market value, transferred it to CEX and sold it. The Huobi exchange suffered the most, eventually accusing pNetwork of deliberately leaving a loophole in the smart contract and intentionally stalled before announcing the hack.

Even after pGALA was closed on all exchanges, arbitrators sent the token across the bridge and sold coins on DEX on the Ethereum network.

“pNetwork does it. Why shouldn’t I?”

Not only could aBNBc from ANKR be used for another hour in credit protocols that considered the asset at “full value”, but also aBNBc was easily exchanged through bridges for wBNB, hBNB, stBNB and other wrapped tokens, subsequently being sold for the market price BNB. The deBridgeGate and Celer bridges were mostly involved.

At the same time, some users stated that they were even able to exchange aBNBc for the original BNB, and sell them easily as a result. The coin’s exchange rate was not affected much, because the capitalization was too large.

Many in the arbitrage community are celebrating today. In 20 minutes, the guys earned a fortune, while staying in the shadows. In an official statement, ANKR referred to the fact that only the pool on Pancake Swap and the Helio protocol were affected, but, in reality, there were much more victims of the attack, and the loss could easily reach $60-80 million mark with decentralized exchanges alone.

aBNBc price drop as a result of an exploit

aBNBc price drop as a result of an exploit

A version immediately emerged on the network that the attack was planned by the ANKR protocol itself, which left the backdoor open in the base contract. And the fact that Tornado Cash and the anonymous protocol Zcash (ZEC) were used to “launder” the funds shows that the attacker had been preparing the hack for a long time, having thought about covering up the tracks in advance. ANKR also stated that it would pay compensation to all users who were affected by the initial attack. That is, those who held aBNBc before the hack. This is only $5 million. According to them, it has nothing to do with the rest of ANKR's losses.

It is likely that there will only be more of these attacks in the future, and to prevent them, you need to carefully check smart contracts and react swiftly, closing all loopholes. And ordinary users can only diversify their risks and restrict their work with projects with the algorithm that they don’t understand to a minimum.

The content on The Coinomist is for informational purposes only and should not be interpreted as financial advice. While we strive to provide accurate and up-to-date information, we do not guarantee the accuracy, completeness, or reliability of any content. Neither we accept liability for any errors or omissions in the information provided or for any financial losses incurred as a result of relying on this information. Actions based on this content are at your own risk. Always do your own research and consult a professional. See our Terms, Privacy Policy, and Disclaimers for more details.

Articles by this author
AI Is Making Crypto Scams Smarter—Insights from Chainalysis 2024

AI Is Making Crypto Scams Smarter—Insights from Chainalysis 2024

The 2024 Chainalysis report confirms that AI-driven fraud is on the rise, with crypto scammers cashing in at least $9.9 billion through advanced deception tactics.

The Coinomist
North Korean Hackers Infiltrate GitHub & NPM to Steal Crypto

North Korean Hackers Infiltrate GitHub & NPM to Steal Crypto

Lazarus Group, a North Korean hacking unit responsible for numerous cyber attacks, has launched a new campaign targeting software developers and crypto wallets.

Anahit Avetisyan
Solana Outpaces Rivals as App Revenues Surge in Crypto Revival

Solana Outpaces Rivals as App Revenues Surge in Crypto Revival

Messari reports that Solana-based apps saw an unbelievable 213% revenue spike, making Solana the top blockchain for app-generated earnings.

Anton Kryshtal
HashFlare Founders Admit to $575M Crypto Fraud Scheme

HashFlare Founders Admit to $575M Crypto Fraud Scheme

A long-anticipated court hearing in the U.S. has concluded with HashFlare co-founders Sergei Potapenko and Ivan Turogin admitting to charges of wire fraud.

The Coinomist
Weekly Analysis of BTC, ETH, and the Stock Market (Feb 10, 2025)

Weekly Analysis of BTC, ETH, and the Stock Market (Feb 10, 2025)

An overview of BTC, ETH, XAUT, and S&P500 charts, and the current cryptocurrency market dynamics.

Artem Khomenko
Weekly Analysis of BTC, ETH, and the Stock Market (Feb 3, 2025)

Weekly Analysis of BTC, ETH, and the Stock Market (Feb 3, 2025)

An overview of BTC, ETH, XAUT, and S&P500 charts, and the current cryptocurrency market dynamics.

Artem Khomenko
Weekly Analysis of BTC, ETH, and the Stock Market (Jan 27, 2025)

Weekly Analysis of BTC, ETH, and the Stock Market (Jan 27, 2025)

An overview of BTC, ETH, XAUT, and S&P500 charts, and the current cryptocurrency market dynamics.

Artem Khomenko
How to Bump a Transaction in the Bitcoin Network

How to Bump a Transaction in the Bitcoin Network

Sometimes, Bitcoin transactions can get “stuck,” especially if a low fee was set. In such cases, you might wonder: Why is my Bitcoin transaction stuck?

bitOn
Inside Cryptocurrency Farms: How Digital Coins Are Mined

Inside Cryptocurrency Farms: How Digital Coins Are Mined

Cryptocurrency farms and mining have evolved significantly since Bitcoin launched in 2009. To understand their growth, it helps to look at the broader history of resource extraction.

The Coinomist
From Bulls to Ballers — Why Celebrities Are Flocking to Crypto

From Bulls to Ballers — Why Celebrities Are Flocking to Crypto

Trump’s meme coin isn’t an outlier—it’s part of a broader trend. Back in 2021, celebrities were minting NFTs, and by 2024, they had moved on to personal token launches. The connection between fame and crypto has been growing for years, even if many failed to see it.

Vlad Vovk
Which Macroeconomic Factors Make Crypto Rise or Fall? 

Which Macroeconomic Factors Make Crypto Rise or Fall? 

It happens when you check the market and crypto prices are up or down for no obvious reason. Then you do some research and find out that there are actually reasons outside the crypto space.

Anahit Avetisyan
How Blockchain Helps Combat Disinformation

How Blockchain Helps Combat Disinformation

Fake news has become a global issue, shaping public opinion, fueling social tensions, and even influencing political decisions. With the rise of social media, the spread of misinformation has accelerated, making it increasingly difficult to regulate. However, blockchain technology offers a promising solution in the fight against fake news.

Daryna Nesterenko
Trading Psychology: How to Avoid Falling Victim to Your Own Biases

Trading Psychology: How to Avoid Falling Victim to Your Own Biases

The most successful traders aren’t always the smartest. More often, those who excel are the ones who understand psychological traps, manage their emotions, and maintain rationality under pressure.

Vlad Vovk
SBF’s Prosecutor Quits – What It Means for Crypto Crime

SBF’s Prosecutor Quits – What It Means for Crypto Crime

Danielle Sassoon, Acting U.S. Attorney for the Southern District of New York, has resigned, making headlines this week. And you’ve definitely heard of one of her biggest “client” names.

Anahit Avetisyan
Trump’s Crypto Summits: Pragmatic Move or Regulatory Mess?

Trump’s Crypto Summits: Pragmatic Move or Regulatory Mess?

What’s the best way to figure out how the crypto industry needs to be regulated in the U.S.? Donald Trump is considering different options.

Anahit Avetisyan
MORE
«Mass Adoption Isn’t About Tech – It’s About Perception». Bitmedia Founder Matvii Diadkov – About RWA, Web3, And Marketing

«Mass Adoption Isn’t About Tech – It’s About Perception». Bitmedia Founder Matvii Diadkov – About RWA, Web3, And Marketing

Matvii Diadkov, founder of Bitmedia, shared with us in an exclusive interview his expert insights on Web3 adoption, impact of GameFi and community-centering tendencies in the market.

The Coinomist
“Satoshi is CIA”: Swedish crypto bro opens up about his Bitcoin journey

“Satoshi is CIA”: Swedish crypto bro opens up about his Bitcoin journey

The first crypto craze took place almost a decade ago. Overnight, many people found out about Bitcoin and its underlying technology, blockchain.

Lesia Dubenko
MORE