- A security violation almost made Ankr drown, but the well-timed arbitration saved them from the ominous event.
- Ankr highlighted in their reports that they, “warned familiar off-rams to impose their emergency plans” which suspended trading.
- Ankr reveals that it will cease the affected tokens quickly, highlighting that it will utilize a snapshot to recognize the affected liquid provider.
The analysis
On December 1, Ankr recognized a security violation on the project in which the worst actors were capable of accessing internal access and taking off tokens. In line with the report presented by the team, the attackers were capable of approaching the private developer key and amend the smart contract for aBNBc, Ankr’s BNB liquid staking token.
This amendment gave the worst actors the ability to make a limitless amount of tokens from nothingness utilizing an infinite bug. More than 60 trillion tokens were produced with the hackers transforming the tokens into the USDC stablecoin.
USDC which totaled almost $5 was shifted from Binance Smart Chain to Ethereum prior to the transactions being indicated, possibly saving the project a fortune. Ankr highlighted in their reports that they, “warned familiar off-rams to impose their emergency plans” which suspended trading.
More steps were taken to reduce the loss of capital, such as utilizing a fresh key to protect smart contracts and updating all systems to “halt the motion of the underlying collateral to be secure.” The team highlighted that parties offering liquidity to decentralized exchanges backing the influenced tokens had been properly informed of the growth.
“Ankr will buy a $5 million value of BNB and utilize this to pay back the liquidity providers that have been influenced by the attack because of the wastage of the liquidity pools,” said Ankr in a statement.
“We know weakened aBNBc was hypothetically traded after the attack happened, but we are only capable to pay back LPs unaware of the happening.”
Ankr reveals that it will cease the affected tokens quickly, highlighting that it will utilize a snapshot to recognize the affected liquid provider. The project reduced user threat by verifying that funds and basic assets are secure and users “will keep their places from before.”
Ankr was launched in 2017 with the idea of harnessing the cloud computing power left idle in data centers globally and reallocating it to power bitcoin mining, node hosting, the Internet of Things, and more.
Source: https://www.thecoinrepublic.com/2022/12/05/ankr-discloses-reimbursement-plan-for-users-affected-by-5-million-attack/