According to security firm PeckShield, a flash loan attack on the credit-based stablecoin protocol Beanstalk resulted in the theft of $80 million in tokens.
A malicious DAO proposal
The attacker took out a $900m flash loan, a type of unsecured loan, on Aave. They then used these funds to add liquidity to BEAN+3pool, a liquidity pool for stablecoins on the decentralized exchange Curve. The attacker then used the funds to approve a Beanstalk Improvement Proposal (BIP) designed to drain protocol liquidity; holding those funds, the attacker was able to pass it and drain protocol liquidity worth over 80 million dollars. Interestingly, after the attack the attacker donated $250,000 to Ukraine; the donation was coded into the contract when the attack was carried out.
Although the attack is still under investigation and the information is not fully confirmed, the protocol lacked safeguards to prevent this type of DAO proposal. A user should not be able to borrow a large sum of money to approve a proposal quickly. According to one of the founders, Publius, user funds are unlikely to be refunded as there is no venture capital funding, and the attacker is currently trying to move the funds out using Tornado Cash.
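The missing safeguard described above can be shown with a small model. This is an added example, not Beanstalk's code: the ledger, the two-thirds threshold, the 100-block delay and the stake figures are all assumptions. It compares vote weight read at execution time with weight fixed at a snapshot taken before the proposal and combined with an execution delay.

```python
"""Toy model of DAO vote weighting; every name and number is an assumption."""
from bisect import bisect_right

THRESHOLD = 2 / 3   # assumed approval share needed to execute
DELAY = 100         # assumed minimum blocks between proposal and execution

class StakeLedger:
    def __init__(self):
        self.live = {}          # address -> stake right now
        self.checkpoints = {}   # address -> [(block, stake after change), ...]

    def change(self, addr, delta, block):
        new = self.live.get(addr, 0) + delta
        self.live[addr] = new
        self.checkpoints.setdefault(addr, []).append((block, new))

    def stake_at(self, addr, block):
        """Stake held at the end of `block` (0 if none recorded yet)."""
        points = self.checkpoints.get(addr, [])
        i = bisect_right(points, (block, float("inf")))
        return points[i - 1][1] if i else 0

    def total_at(self, block):
        return sum(self.stake_at(a, block) for a in self.checkpoints)

def passes_live(ledger, voters):
    """Weak rule: weight is whatever the voters hold at execution time."""
    total = sum(ledger.live.values())
    return total > 0 and sum(ledger.live.get(v, 0) for v in voters) / total >= THRESHOLD

def passes_snapshot(ledger, voters, proposed_at, now):
    """Hardened rule: weight fixed one block before the proposal, plus a delay."""
    snap = proposed_at - 1
    total = ledger.total_at(snap)
    share = sum(ledger.stake_at(v, snap) for v in voters) / total if total else 0
    return now - proposed_at >= DELAY and share >= THRESHOLD

def simulate():
    """Constructed scenario: 100 units of long-term stake, 900 borrowed for one block."""
    ledger = StakeLedger()
    ledger.change("holders", 100, block=1)
    ledger.change("borrower", 900, block=10)     # borrowed funds deposited
    live = passes_live(ledger, ["borrower"])     # checked within the same block
    ledger.change("borrower", -900, block=10)    # loan repaid in the same block
    same_block = passes_snapshot(ledger, ["borrower"], proposed_at=10, now=10)
    after_delay = passes_snapshot(ledger, ["borrower"], proposed_at=10, now=10 + DELAY)
    honest = passes_snapshot(ledger, ["holders"], proposed_at=10, now=10 + DELAY)
    return live, same_block, after_delay, honest
```

Under the weak rule the borrowed stake carries the vote, while the snapshot rule rejects it both in the same block and after the delay, and still lets long-term holders pass a proposal.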
What is Beanstalk?
Beanstalk is a decentralized credit-based stablecoin protocol based on Ethereum, launched in August 2021. It has its own stablecoin, $BEAN, which is unsecured. Instead of using collateral, it says it relies on a community of lenders to hold Bean at its peg by offering incentives to users, lenders and arbitrageurs. The protocol had gained popularity due to its high efficiency. Its stablecoin, $BEAN, currently has a market capitalization of around $40 million, but people are unlikely to be able to withdraw because there is no liquidity.
It remains to be seen whether $BEAN will be able to maintain its peg following the hack, as the team does not appear to have a plan.
Still, there has not been sufficient information to reach a definitive conclusion for the time being, and users are waiting for a post-mortem to learn more about the situation.