Another Day, Another Exploit... Belt Finance Under Flash Loan Attack

in LeoFinance4 months ago (edited)



So it seems hacks/exploits on Binance Smart Chain are becoming a more frequent happening. Yesterday Belt Finance a defi protocol on Binance Smart Chain became the latest victim of flash loan attack, with exploiters taking 6.2 million BUSD with an overall $50 million loss for the platform.

As per Belt Finance, the perpetrators created a smart contract that used PancakeSwap for flash loans and exploited Belt/BUSD pool and the underlying strategy protocols. The exploiters than repeated contract execution eight times, earning total 6.23 million BUSD (US $6.23 million). Belt/BUSD pool users endured 21.36% loss of funds and 4Belt pool users endured 5.51% loss.

Belt Finance halted all withdrawals and deposits until the vulnerability resulting the exploit has been patched, and has been working on a compensation plan.

Despite Binance denying responsibility, the hacks, exploits or rug pulls does put up a negative image of the blockchain. And it seems Binance has already been working to bring security and intelligence tools to the blockchain. This week, CipherTrace extended its analytics support to Binance Smart Chain, allowing the Defi projects across the chain to identify and flag the high risk or potentially malicious transactions.

But as of now(it seems) there is no stopping the flash loan exploits happening across the protocols built upon the chain. It would be interesting to see how Binance tackles the situation.


158817836372645504 45.png

Posted Using LeoFinance Beta


Interesting. I wonder if this type of exploit is stopable, are all LP vulnerable by their nature. I wonder what the patch does? Cap orders?

Posted Using LeoFinance Beta

Yeah capping orders can be a nice temporary solution.

Posted Using LeoFinance Beta

Very interesting.

The concept of loans in crypto works only if the protocol is 100% trustworthy. I wonder how many people use it :P

Posted Using LeoFinance Beta