Qubit Finance is the latest victim of hacking. The decentralized finance platform lost $80 million in cryptocurrency to hackers on Jan. 27. This is the largest hack of 2022 so far.
Qubit Finance Hacked
Qubit Finance acknowledged the hack in a report that was published on Medium. According to the report, the hack happened at 5:00 P.M. Eastern Standard Time on Thursday, Jan. 27.
Qubit gives its clients a " bridge " service that works between different blockchains. This means that deposits made in one cryptocurrency can be withdrawn in another.
The financial firm operates a bridge between the Binance Smart Chain or BSC network and Ethereum, according to The Verge.
CertiK, a blockchain auditing and security company, produced an analysis. It suggests the hacker was able to detect and exploit a security flaw in Qubit's "bridge" that allowed them to send in a deposit of 0 ETH and withdraw $80 million in Binance Coin.
CertiK stated that as they move from an Ethereum-dominant world to a multi-chain world, bridges will only become more important.
The blockchain auditing company added that people need to move funds from one blockchain to another, but they need to do so in ways that hackers can't detect and exploit.
The Qubit Finance team posted a statement on Twitter to appeal to the hacker. The financial firm asked the hacker to negotiate with the team to minimize losses for the Qubit community.
Qubit Finance's incident report also stated that the team was trying to offer the hacker the maximum reward possible under their bug bounty program. A listing for Qubit on the Immunefi bug bounty programs shows that the maximum reward is $250,000.
History of Cryptocurrency Hacking
Since the launch of Binance Smart Chain in 2020, several decentralized finance platform projects have been hacked.
The most severe case was back in March 2021, wherein $31 million was stolen from Meerkat Finance, according to Crypto Briefing.
The hackers changed the ownership of the smart contract address on Meerkat Finance. Soon after, the hackers started withdrawing from the smart contract to several addresses.
The primary BNB address of the backer is identified on the blockchain. It was tagged as "FakePhishing17" on BSCscan, which got 73,635.23 BNB worth $17.67 million. The remaining $13.9 million was sent to other addresses, and it was split into smaller amounts.
The address has also moved the Binance Coin or BNB to other wallets, and it was divided into seven transactions.
Each transaction was 5,000 BNB each, one in 10,000 BNB, one transaction over 23,000 BNB, and other smaller transactions.
Users of the platform lamented their losses and had reached out to Binance community. The Meerkat Finance team made a note about the hack on Telegram, but the note has since disappeared from all platforms.
Meerkat Finance also disabled their website and Twitter account, and its Telegram group is now deleted.
The users reached out to Binance CEO Chanpeng Zhao, but unfortunately, he has not replied to any comments about the hacking.
In April 2021, Uranium Finance was hacked and lost $50 million. In May 2021, Venus Finance lost $88 million to hackers.
In November 2021, PolyNetwork lost $600 million in the largest cryptocurrency heist in history.
Earlier this year, Pakistan called out Binance after investors became victims of a cryptocurrency scam.
This article is owned by Tech Times
Written by Sophie Webster