Ankr Protocol (ANKR) has revealed that a former team member carried out a December 2nd hack that resulted in a loss of nearly $5 million. statement.
Ankr wrote that the former team member performed the hack using malicious code that compromised the private key when legitimate updates were made.
Hackers exploited a bug in the code of the Ankr protocol to create 6,000 trillion aBNBc tokens, some of which were converted into $5 million USDC. Binance seized his $3 million of converted stolen funds. At the time, a blockchain analysis firm said the compromised private key was the cause of the hack.
Ankr said it reported the former team member to law enforcement, adding:
“[We are] We will strengthen our internal personnel processes and safety measures to strengthen our security posture going forward. “
During that time, all Ankr employees are subject to background checks and have limited access to sensitive systems. Additionally, Ankr said it will implement multi-sig authentication in the update to prevent such hacks from happening again.
Ankr has issued refunds to affected parties
Ankr said it has taken steps to compensate users, liquidity providers and lenders affected by the exploit.
According to the company, it created a new ankrBNB token and later airdropped it to affected owners. He added that he is working to fix the damage to Helio (aBNBc borrowing platform) by restabilizing the price of the HAY stablecoin.
Following the exploit, the HAY stablecoin was pegged as traders profited $15 million from the situation. The trader borrowed about $16 million of his HAY stablecoin for 10 BNB from the pool because the platform failed to update the price of his Ankr-related token.
Ankr said it will continue to buy the HAY stablecoin until it returns to its peg. At the time of writing, the stablecoin he was trading at $0.998143.