Monday , November 25 2024
Home / Crypto news / Flash Loans Strike: Belt Finance Exploited for $6.2 Million

Flash Loans Strike: Belt Finance Exploited for $6.2 Million

Summary:
The hacker managed to steal .2 million worth of BUSD, the Binance native USD-pegged stablecoin converted to ETH via 1inch DEX and partially withdrawn from Binance Smart Chain onto Ethereum. This hack was comparatively benign: only .2 million was stolen from Belt Finance’s massive .6 billion total value locked (TVL). The beltBUSD vault uses four strategies. A bug in the Elipsis strategy was used to leak out funds via the Venus strategy. The vault sends new deposits to the most undersubscribed strategy and pays out withdrawals from the most oversubscribed strategy to create balance between the four of them. The Elipsis strategy bug creates a value miscalculation if the 3EPS pool becomes unbalanced. Using flash loans, the hacker swapped about 0 million from BUSD to

Topics:
Varun GS considers the following as important: , , , ,

This could be interesting, too:

Chayanika Deka writes BIT Mining Settles for M Over Bribery Allegations in Japan Resort License Bid

Wayne Jones writes US Charges 5 for Multi-Million Crypto Hacking Operation

Jordan Lyanchev writes 0M in Liquidations as Bitcoin Dumps Below K, Ripple Down 10% Daily

Wayne Jones writes Shaquille O’Neal Agrees to M Settlement Over NFT Lawsuit

The hacker managed to steal $6.2 million worth of BUSD, the Binance native USD-pegged stablecoin converted to ETH via 1inch DEX and partially withdrawn from Binance Smart Chain onto Ethereum.

  • This hack was comparatively benign: only $6.2 million was stolen from Belt Finance’s massive $2.6 billion total value locked (TVL).
  • The beltBUSD vault uses four strategies. A bug in the Elipsis strategy was used to leak out funds via the Venus strategy.
  • The vault sends new deposits to the most undersubscribed strategy and pays out withdrawals from the most oversubscribed strategy to create balance between the four of them. The Elipsis strategy bug creates a value miscalculation if the 3EPS pool becomes unbalanced.
  • Using flash loans, the hacker swapped about $200 million from BUSD to USDT, unbalancing the 3EPS pool and activating the Elipsis strategy bug. The 4Belt pool at this point would have overvalued the hacker’s shares, paying out an additional 0.5% profit after the conclusion of the flash loan. This resulted in a $1M profit from a single $200M flash loan transaction.
  • The hacker repeated the transaction multiple times, netting $6.2M in profit and causing $13M in total losses, since $6M in fees were paid to the 3EPS pool.
  • Along with other recent hacking indicents in the Binance Smart Chain ecosystem, this hack has led to a condemnation of ‘fork culture’ where entire codebases are replicated without thorough audits. This issue has led to several flash loan attacks over the past few weeks.

You Might Also Like:

About Varun GS

Leave a Reply

Your email address will not be published. Required fields are marked *