After restoring security and responding to the events of the Dec. 1st exploit of our aBNBc token, Ankr has carefully reviewed the facts and taken steps to prevent any attacks like it in the future. Regardless of any damage done, we are proud of how the team handled the situation at every turn and did right by taking care of our community.

After the hack Ankr immediately:

Who Caused The Exploit?

A former team member (who is no longer with Ankr) acted maliciously to conduct a supply chain attack, inserting a malicious code package that was able to compromise our private key once a legitimate update was made. We are in the process of working with law enforcement to prosecute the former team member and bring them to justice. Unfortunately, internal bad actors can affect any protocol and we are working on shoring up internal HR processes and safety measures to strengthen our security posture going forward.

How Did We Respond?

Immediate Action Taken To Halt the Attack

Right away, Ankr took several actions to minimize any damage from the exploit:

Formed a Recovery Plan

Ankr took several measures to start compensating users to the full extent of the losses they incurred as a result of the exploit. The team used our own Advanced API Tool to find every aBNBc token holder in 10 seconds – a task that would have taken several hours to complete using normal query methods on a dedicated node.

Reimbursed Our Community

Ankr is a Web3-native organization with an extremely strong community. To uphold this reputation, we needed to do the right thing and reimburse all token holders who were affected.

See more details on our recovery plan.

What Are We Improving?

Ankr is now implementing several improvements to our security posture. Here are a few notable reinforcements:

Requiring Multi-sig Authentication & Timelocks for All Updates

The exploit was possible partly because there was a single point of failure in our developer key. We will now implement multi-sig authentication for updates that will require signoff from all key custodians during time-restricted intervals, making a future attack of this type extremely difficult if not impossible. These features will improve security for the new ankrBNB contract and all Ankr tokens.

Revamping internal security measures

Ankr will now require escalated background checks for all employees (including all contractors and remote workers) while taking extra measures to verify the current status of those currently working at Ankr. We are also reviewing access rights and taking extra steps to minimize entry to any sensitive systems.

Implementing new monitoring & notification systems

The team was able to catch the attack extremely quickly, but we can always work on improving our response time. We are implementing new notifications systems to alert key personnel so they can be online faster during any time of day.

Refining procedures for working with DeFi protocols

Now that we’ve been through the experience of working with teams from other protocols after an incident, we can improve the process with precedent set for responding with international teams in streamlined communication channels.

More Updates To Come

We want to thank the community for your ongoing support during this time!