Monday , November 4 2024
Home / Crypto news / Flash Loans Strike: Belt Finance Exploited for $6.2 Million

Flash Loans Strike: Belt Finance Exploited for $6.2 Million

Summary:
The hacker managed to steal .2 million worth of BUSD, the Binance native USD-pegged stablecoin converted to ETH via 1inch DEX and partially withdrawn from Binance Smart Chain onto Ethereum. This hack was comparatively benign: only .2 million was stolen from Belt Finance’s massive .6 billion total value locked (TVL). The beltBUSD vault uses four strategies. A bug in the Elipsis strategy was used to leak out funds via the Venus strategy. The vault sends new deposits to the most undersubscribed strategy and pays out withdrawals from the most oversubscribed strategy to create balance between the four of them. The Elipsis strategy bug creates a value miscalculation if the 3EPS pool becomes unbalanced. Using flash loans, the hacker swapped about 0 million from BUSD to

Topics:
Varun GS considers the following as important: , , , ,

This could be interesting, too:

Wayne Jones writes South Korea’s Crypto Investor Base Increased by 21% in 2024 H1: Report

Jordan Lyanchev writes Is This The Last Week Bitcoin (BTC) Will Ever Be Below K?

Wayne Jones writes RWA Sector Poised for 0B Growth by 2030: Report

Wayne Jones writes London Teen Accused of Helping Al Qaeda Raise Funds in Crypto: Report

The hacker managed to steal $6.2 million worth of BUSD, the Binance native USD-pegged stablecoin converted to ETH via 1inch DEX and partially withdrawn from Binance Smart Chain onto Ethereum.

  • This hack was comparatively benign: only $6.2 million was stolen from Belt Finance’s massive $2.6 billion total value locked (TVL).
  • The beltBUSD vault uses four strategies. A bug in the Elipsis strategy was used to leak out funds via the Venus strategy.
  • The vault sends new deposits to the most undersubscribed strategy and pays out withdrawals from the most oversubscribed strategy to create balance between the four of them. The Elipsis strategy bug creates a value miscalculation if the 3EPS pool becomes unbalanced.
  • Using flash loans, the hacker swapped about $200 million from BUSD to USDT, unbalancing the 3EPS pool and activating the Elipsis strategy bug. The 4Belt pool at this point would have overvalued the hacker’s shares, paying out an additional 0.5% profit after the conclusion of the flash loan. This resulted in a $1M profit from a single $200M flash loan transaction.
  • The hacker repeated the transaction multiple times, netting $6.2M in profit and causing $13M in total losses, since $6M in fees were paid to the 3EPS pool.
  • Along with other recent hacking indicents in the Binance Smart Chain ecosystem, this hack has led to a condemnation of ‘fork culture’ where entire codebases are replicated without thorough audits. This issue has led to several flash loan attacks over the past few weeks.

You Might Also Like:

About Varun GS

Leave a Reply

Your email address will not be published. Required fields are marked *