Allbridge Hacked For $570,000

BNB Chain pool Cross-chain solutions provider Allbridge has been hacked for $570,000, according to blockchain security firm Peckshield.

Peckshield first identified the hack and notified Allbridge about the possible manipulation of its swap-related formula. According to the firm, the hacker manipulated the pool swap price by acting as a liquidity provider and a swapper which enabled them to drain the pool of 282,889 BUSD and 290,868 USDT.

Meanwhile, Allbridge confirmed the incident and temporarily shut down the bridge for further investigations.

How Allbridge was exploited

Another blockchain security firm Certik corroborated reports of the Allbridge exploit. According to the firm, the attacker stole approximately $549,874 by manipulating the liquidity pool’s swap price.

Allbridge hack
Allbridge Exploit (Source: Peckshield)

The firm pointed out that the hacker first flashloaned 7.5 million BUSD, swapped two million to BUSD, and deposited five million to the BUSD pool. Then, the attacker changed 500,000 BUSD to USDT and deposited two million USDT to the USDT pool.

Certik detailed how the attacker used these funds to manipulate prices on Allbridge, repay the flashloan, and end up with the stolen funds.

DeFi Projects Hacked For $211 Million in March

In March, 26 crypto projects were hacked for a total loss of $211 million, according to Peckshield. Euler Finance’s March 13 hack was responsible for over 90% of recorded losses.

DeFi Hacks
Top 5 DeFi March Hacks (Source: Peckshield)

The other top exploits recorded in the month involved projects like Safemoon, ParaSpace, TenderFi, and Swerve Finance. They were all hacked for over $1 million each, with Safemoon losing $8.9 million to a liquidity pool exploit.

During the period, a malicious player stole 56 Bitcoin ($1.5 million) from General Bytes bitcoin ATMs. The ATM manufacturer said the exploit allowed the attacker to access funds in hot wallets and exchanges. General Bytes has since released a patch to this exploit.

Overall, March was the busiest month for hackers in the current year. For context, hackers stole less than $40 million between January and February, according to DeFillama data.

Meanwhile, the rate of DeFi exploits has considerably declined this year compared to 2022. At the time, several major attacks resulted in the loss of over $4 billion.

Disclaimer

All the information contained on our website is published in good faith and for general information purposes only. Any action the reader takes upon the information found on our website is strictly at their own risk.

Source: https://beincrypto.com/defi-allbridge-hack-570/