Ankr Exploit Timeline

Update: Dec. 8 Ankr started airdroping ankrBNB to all aBNBc and aBNBb token holders (wallet only, not including smart contracts holding these tokens).Ankr have locked transferability for ankrBNB to ensure a fair launch and expect this to be unlocked by Friday evening (PST).

Users that redeemed aBNBc or aBNBb (unstake) before the exploit, will receive BNB at the end of the unbonding period.Users that redeemed aBNBc or aBNBb after the exploit, will not receive BNB at the end of the unbonding period and will get ankrBNB airdrop.

Users that held aBNBc and aBNBb through smart contracts can expect to receive an airdrop tomorrow.

Timeline

At around 08:43 on December 2, hackers used Ankr’s deploy private key to mint 10 trillion aBNBc Token, and then swaped aBNBc to USDC and bridged it to Celer Network and Multichain through a multi-step swap operation, and finally swaped all 4,684,156 USDC to 3,446 ETH, making a profit of around $5 million.

At around 09:45, one user bought over 180,000 aBNBc with 10 BNB and borrowed over 16 million stablecoins HAY by staking aBNBc on the lending platform helio. the arbitrageurs sold Hay for over 15 million BUSD, emptying the Hay liquidity pool and dumping the HAY price down to $0.21.

At around 10:24, Ankr confirmed on Twitter that the deploy private key had been ced and that it had actively engaged with DEX to inform the trading platform to block related transactions and ensure that all underlying assets of Ankr Staking were safe and all infrastructure services were unaffected, while prompting users to refrain from related transactions, remove LPs, etc. An official snapshot would be taken and aBNBc would be reissued.

At around 18:25, Ankr officials announce a preliminary solution after assessing the damage: ankrBNB is reissued to all valid aBNBc holders, with a snapshot of the time before the exploit, and $5 million in BNB is purchased to compensate LPs affected by the exploit.

At around 12:07 on December 3, in response to Helio’s arbitrage that led to the decoupling of HAY, Ankr negotiated with Helio and said that Ankr would purchase HAY within 24 hours to help restore the anchor, although Helio later said that the process of repeg may need to be extended.

Currently, Binance has frozen approximately $3 million that the hackers transferred to the exchange, and the attackers’ addresses have been added to the BNB Chain blacklist. Faced with a realized loss of $5 million in related LPs and Helio’s $15 million in bad debt, Ankr said it will call upon funds from its $15 million recovery fund to compensate BNB liquidity providers, BNB lenders, and HAY users for the losses incurred in the attack.

In response to this incident, the security team recommends that: the administrator rights of the project should be best managed by multi-signature wallet, to improve the security awareness of the project’s internal staff, and to avoid the administrator being hacked to obtain the key through phishing and other attack techniques. Improve the security awareness of the project’s internal staff to avoid the administrator being hacked to obtain the key through phishing and other attack techniques. The project needs to securely store the administrator’s key during the transfer or contract modification process to avoid the discovery of the key by someone other than the administrator.

Follow us
Twitter: https://twitter.com/WuBlockchain
Telegram: https://t.me/wublockchainenglish