On the 2nd of November, after a $5 million exploit on the crypto node project Ankr, Changpeng Zhao, the founder & CEO of Binance, announced that his exchange firm had paused withdrawals related to a recent hack on Ankr. In a tweet, Changpeng said that the initial analysis is the developer’s private key was hacked, and the hacker updated the smart contract to a more malicious one. Binance paused withdrawals a few hours ago and froze around $3 million that hackers moved to our CEX, Changpeng added.
Ankr, a distributed node operator for proof-of-stake networks, allows users to stake their tokens easily without having to buy important hardware. Ankr was hacked in the early hours of the 2nd of December, and with this hack, the attackers leveraged the smart contract for the aBNBc token that allowed them to create an infinite quantity of this token. The token aBNBc represents a staked version of the BNB token of Binance that earns rewards on Ankr. According to data from CoinGecko, the price of this token collapsed by around 99.5% since the attack.
The number of tokens that the attackers created with this exploit is unclear, but according to Arkham, which is a crypto intelligence firm, the attackers were able to mint as much as 60 trillion aBNBc tokens. According to the crypto intelligence firm, the attackers swapped several of these tokens for the stablecoin USDC and started moving them off of the Binance Smart Chain and onto Ethereum.
After some time after this hack, the Ankr team confirmed that it had been robbed of around $5 million in BNB. In a tweet, Ankr also announced a proposal to make affected users whole by reissuing a new token called ankrBNB, which the company would distribute to pre-hack aBNBc holders. The company also announced that it would purchase around $5 million in BNB tokens to compensate liquidity providers.