The cross-chain bridge of DeFi protocol Qubit Finance, referred to as X-Bridge, has been exploited and misplaced $80 million within the course of.
X-Bridge facilitates swapping tokens from Ethereum to Binance Sensible Chain. In different phrases, when somebody deposits an ERC-20 token to the bridge, they obtain a BEP-20 token in return, which may then be used on Binance Sensible Chain.
There was a “logical error” in X-Bridge’s sensible contract code that led to the exploit, in line with blockchain safety agency CertiK. The error in the code allowed the attacker to withdraw tokens on Binance Sensible Chain when none was deposited on Ethereum.
The attacker ended up netting 77,162 qXETH ($185 million), which they then used as collateral and borrowed different asserts from lending swimming pools value $80 million, in line with CertiK.
These property are 15,688 wETH ($37.6 million), 767 BTC-B ($28.5 million), round $9.5 million value of assorted stablecoins, and about $5 million value of CAKE, BUNNY, and MDX tokens.
Whereas the attacker exploited X-Bridge for $185 million, they didn’t immediately convert the 77,162 qXETH to ETH, thus they ended up profiting solely $80 million by the above tokens, CertiK advised The Block.
“That is by far the biggest exploit of 2022 to this point,” the agency added. Final yr, DeFi tasks misplaced $1.3 billion in hacks, in line with CertiK.
Qubit Finance said it has contacted the exploiter to supply the utmost bounty. In the meantime, it has disabled sure capabilities of X-Bridge till additional discover, whereas claiming of funds is accessible.
© 2022 The Block Crypto, Inc. All Rights Reserved. This text is supplied for informational functions solely. It isn’t supplied or meant for use as authorized, tax, funding, monetary, or different recommendation.