TL;DR
On December 02, 2022, the Ankr protocol on BNB chain suffered a governance key compromise, allowing an attacker to mint 10,000,000,000,000 $aBNBc tokens and drain the DEX pool, resulting in the loss of approximately $5 million.
Introduction to Ankr
Ankr is a decentralized Web3 infrastructure provider that helps developers, decentralized applications, and stakers interact easily with an array of blockchains.
Vulnerability Assessment
The root cause of the vulnerability is due to the compromise of their governance key.
Steps
- The team had announced changes to all Reward Bearing and Earning Tokens token models prior to the incident.
- The $aBNBc token is an upgradeable token contract, which means that the admin can change the code at any time.
- The exploiter stole the key of Ankr Deployer and minted himself 10T $aBNBc tokens as viewed from this transaction.
- The preparator transferred 1.125 $BNB tokens to Ankr Exploiter address as a gas fee by controlling the key of Ankr Deployer, and then began to dump $aBNBc.
- At the time of this writing, the exploiter address has approximately $5,132,588 worth of assets and has already deposited 900 $BNB tokens into Tornado Cash so far.
- The attacker also sent between $3 and $4 million involving multiple transactions to the ETH mainnet through the Celer bridge.
- Additionally, the exploiter used PancakeSwap to exchange $aBNBc tokens for $BNB and $USDC before converting them to $ETH.
- The $aBNBc-related pool on PancakeSwap has been depleted, and the exploiter has consequently ceased dumping aBNBc.
Aftermath
After the incident, the team issued a statement on Twitter mentioning that they were currently working with exchanges to immediately halt trading. The price of the $ANKR token plummeted and was last observed trading at $0.02168.
In addition, they stated that all the underlying assets on Ankr Staking were safe at this time, and all infrastructure services are unaffected. The team will be drafting a plan to compensating affected users.
How to prevent such an attack vector
The exploiter deployed an attack contract, changed the upgradeable aBNBc contract to the malicious implementation and then minted a massive amount of tokens for his wallet.
This can either be caused due to the compromise of the Deployer key during their migrations, or it could also potentially be an insider job where the attack was planned to coincide with the event.
Multisignature wallets and pause contract events are also industry standard for majority of blockchain team to mitigate against events of such nature to a greater extent.
Protocol, and Platform Security
Our security team at Neptune Mutual can validate your platform for DNS and web-based security, smart contract reviews, as well as frontend and backend security. We can offer you a solution to scan your platform and safeguard your protocol for known and unknown vulnerabilities that have the potential to have catastrophic long-term effects. Contact us on social media if you are serious about security and have the budget, desire, and feeling of responsibility to do so.
All Comments