kyberswap banner


Home defi

BSC Reeling From Recent Series Of Flash Loan Attacks

BSC Reeling From Recent Series Of Flash Loan Attacks

Belt Finance, the latest victim to Binance Smart Chain (BSC) flash loan attacks, has accounted for their total loss as $50 Million. The team released their incident report on Sunday and stated that they would release a compensation plan within 48 hours. 

The latest updates state that the beltBUSD pool's loss was $50 Million BUSD with $43.8 Million in fees added to the $6.23 million in profits taken by the attacker.

Follow Up To The Belt Finance Attacks

As per the incident report, BeltBUSD vault users' loss amounts to 21.36% capital loss, and 4Belt mining pool users suffered a 5.51% capital loss. These were the only pools affected, and Belt has suspended withdrawals and deposits. The team has also patched the attack vectors of the two pools. 

The withdrawals and deposits will resume in the next 24-48 hours once the contract upgrade is complete. Belt Finance is keen on working together with the BSC community to address the issues that have caused the attacks. 

The team further added,

"There have been rumors that the team has sold its tokens. This is not true, we have never sold any tokens, and this can be verified through the address plainly posted in our telegram group. Please be wary of the FUD and misinformation."

Why BSC?

The series of flash loan attacks have made the blockchain community question the BSC chain. However, the issue is not the blockchain as much as the strategy involved. In February, Yearn Finance, a DeFi project known for its immunity, was also attacked, causing a loss of millions of dollars.

Hackers needed until May of this year to figure out a way to launch flash loan attacks on BSC. The BSC lock-up funds are second only to Ethereum, an appealing factor for hackers. Now that the hackers have knowledge and experience in initiating flash loan attacks, BSC is an easier target.

BSC did not have a cross-chain bridge earlier, and the funds could not move out of the blockchain network. With AnySwap and Nerve providing cross-chain services, the funds are easily diverted to Ethereum, leaving BSC with no way to freeze it. 

A Lesson To Evolve From

While it is easy to blame one or two factors, the reality is far from being as simple. Blockchain technology is still under evolution; look at its progress in the last four years and note the strides made. The hacking incidents of BSC escaped the vigilance of blockchain whales such as Sam Bankman-Fried (SBF), CEO of crypto exchange, FTX Official.

SBF has funds invested in Belt, MDEX, PancakeSwap, and Venus for farming, amounting to $800 Million. The capital in Belt is estimated to be $310 Million in the 4Belt capital pool, which was the target of the attacks. 

Belt also invested its users' funds in Ellipsis, an exchange for stablecoins on the BSC. The strategy was named bEllipsisBUSD, and the Ellipsis 3Pool was used to convert BUSD to USDT, and then BUSD. The conversion volume being ~$ 18 Billion brought nearly $8 Million as transaction fees to Ellipsis. 

Precautions To Be Taken To Avoid Slippage Fees

Investors are currently in a state of panic, losing trust in the projects that have been the target of the attacks. They're keen on investing in projects supported by BSC, such as Venus. The perspective is that if anything happens to Venus, BSC will be there to handle the blow. 

Once Belt is open for fund withdrawals, community users estimate that investors will trigger a massive withdrawal. This may cause a shortage of certain coins resulting in excess swap slippage in the Belt pool. To avoid facing slippage losses, investors will withdraw coins according to the fund pool ratio instead of withdrawing coins separately. 

Disclaimer: This article is provided for informational purposes only. It is not offered or intended to be used as legal, tax, investment, financial, or other advice.