Binance Smart Chain Says Well-Organized Hackers are Now ‘Targeting BSC’
As the transaction fees on the Ethereum network skyrocketed, more and more projects shifted towards Binance Smart Chain. Though, with BSC hosting attacks one after another, it has now turned to the hotbed of DeFi exploitations. In May 2021 alone, 6 big BSC hacks took place, with the biggest one — PancakeBunny — being exploited for more than $200 million worth of crypto assets.
Belt Finance Exploited for $6M
BSC-based AMM protocol Belt Finance is the most recent project to fall victim to a flash loan exploit. According to a report on the incident, the exploitation commenced on May 29, 2021, as the attacker executed a flash loan using a smart contract on the 4Belt BLP Pool.
The hacker performed the exploit transaction 8 times, each time raking in approximately 0.7 million of BUSD, which sums up to a total of 6.2 million BUSD. According to Belt Finance, two of its liquidity pools — beltBUSD and 4Belt — were affected, whose users lost 21.36% and 5.51% of funds, respectively.
BELT, the native token of Belt Finance, has lost more than 50% in value as a result of this exploitation. On May 28th, BELT was trading for $61. However, as of now, the coin is trading at around $29, according to data by Coinmarketcap.
BSC Community Steps In
Flash loan exploits are not rocket science. In this type of attack, hackers normally acquire substantial loans on other platforms and utilize these loans to manipulate token prices. Yet, many projects fail to predict and hinder these attacks.
At such a time, BSC feels responsible to step in and assign a set of guidelines to help protect projects from falling victim to exploits. In a recent tweet, the Binance Smart Chain community earnestly asked the projects running on BSC to be more watchful and apply necessary risk control measures.
In the first place, BSC suggests multiple code checks and advises audits. It additionally emphasizes forked projects to “double and triple-check” their changes. Other than this, all other instructions are risk control measures, which comprise active monitoring, a contingency plan, and a bounty program to further incentivize users to cooperate with the projects.
A Recap of Major BSC Exploits in 2021 — So Far
Binance Smart Chain, with a diminutive number of validators compared to Ethereum, has recently passed Ethereum by nearly 600% in transaction volume. Of course, this notable fame quickly captures the eyes of predators seeking even a ‘small’ opportunity to exploit the situation.
This may be the case with BSC’s consecutive hacks and attacks. In 2021, 9 more notable BSC-based projects were exploited, accounting for a whopping $370 million in losses. To put this number into perspective, the amount lost due to BSC hacks this year so far is more than double the amount DeFi hacks totaled in 2020 — 240%, to be exact. Let’s take a look at some unforgettable cases.
The greatest exploit was PancakeBunny, with more than $200 million worth of crypto assets being drained from the project. The exploit, which was a flash loan attack, took place on May 20th. The hacker borrowed a massive amount of BNB, which was utilized to manipulate the BUNNY price and dump its value from $240 to zero.
Uniswap clone on BSC, Uranium Finance, secures second place in the list of most memorable exploits of 2021. One week after upgrading to Uranium v2, the project was hacked through a leak in its contracts. The exploitation took place on April 28, 2021, begetting the project to lose $50 million in tokens.
Multiple other $30M+ exploits include Cream Finance, Meerkat Finance, and Spartan Protocol. Though, it is valuable to recall that DeFi is still in its experimental phase. Plus, all these hacks showcase the faults in the protocols, not in their underlying technology — the blockchain.
What are your thoughts regarding the successive hacks of BSC-based protocols? Do you think this is an indication that BSC is not a safe home to DeFi protocols? Let us know in the comments below.