Ethereum-based stablecoin protocol Beanstalk Farms has become the latest victim of a crypto heist following a $182 million hack of the platform.
The protocol’s developers confirmed that the attackers exploited the platform by taking a $1 billion flash loan on the Aave lending platform. The flash loan was denominated in three stablecoins – Tether, USD, and DAI – allowing them to hide a huge amount of Beanstalk’s native token, Stalk.
The threat actors subsequently gained majority voting power on the DeFi platform, executing dubious governance proposals and draining liquidity in the process.
The Attackers Exploited Vulnerability On The Platform
The project developers noted that the exploit was possible because the platform didn’t use any flash-loan-resistant measure to determine the percentage of Stalk that had voted in favor of the BIP (Beanstalk Improvement Proposal).
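The missing safeguard described above can be shown with a small model. This is an added example, not Beanstalk's contract code; the Ledger class, holder names, amounts and the 2/3 threshold are assumptions. It compares weighing votes by current balance with weighing them by a balance snapshot from an earlier block.

```python
# Added illustration: a simplified model, not Beanstalk's contract code.
# Holder names, amounts and the 2/3 threshold are assumptions.
from bisect import bisect_right

THRESHOLD = 2 / 3  # assumed share of voting power needed to pass


class Ledger:
    """Voting-token balances with per-block checkpoints."""

    def __init__(self):
        self.block = 0
        self.history = {}  # holder -> [(block, balance), ...] in block order

    def balance_at(self, holder, block):
        points = self.history.get(holder, [])
        i = bisect_right(points, (block, float("inf")))
        return points[i - 1][1] if i else 0

    def adjust(self, holder, delta):
        points = self.history.setdefault(holder, [])
        new = self.balance_at(holder, self.block) + delta
        if points and points[-1][0] == self.block:
            points[-1] = (self.block, new)  # same block: overwrite checkpoint
        else:
            points.append((self.block, new))

    def share(self, voters, block):
        supply = sum(self.balance_at(h, block) for h in self.history)
        yes = sum(self.balance_at(v, block) for v in voters)
        return yes / supply if supply else 0.0


def passes_live(ledger, voters):
    """Weak: weighs votes by balances at the moment of counting."""
    return ledger.share(voters, ledger.block) >= THRESHOLD


def passes_snapshot(ledger, voters, snapshot_block):
    """Hardened: weighs votes by balances at a block before the vote."""
    return ledger.share(voters, snapshot_block) >= THRESHOLD


def scenario():
    ledger = Ledger()
    ledger.adjust("long_term_holders", 1_000)   # block 0
    snapshot_block = ledger.block               # balances frozen for the vote
    ledger.block += 5                           # proposal open, blocks pass
    ledger.adjust("borrower", 9_000)            # tokens held for one transaction
    live = passes_live(ledger, ["borrower"])
    snap = passes_snapshot(ledger, ["borrower"], snapshot_block)
    ledger.adjust("borrower", -9_000)           # loan repaid in the same block
    return live, snap, ledger.balance_at("borrower", ledger.block)
```

With the live-balance check the borrowed tokens carry the vote even though the borrower ends the block holding nothing; with the snapshot check they carry no weight, because the borrower held no tokens at the snapshot block.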
Blockchain analytics firm PeckShield noted that the attackers transferred about $80 million in crypto funds to the crypto mixer Tornado Cash to secure their loot. Notably, they also donated $250,000 worth of the stolen tokens to Ukraine’s relief wallet.
“Unfortunately, the same governance procedure that put Beanstalk in a position to succeed was ultimately its undoing,” a spokesperson from Beanstalk noted.
Beanstalk has not stated whether it will compensate the victims of the attack. Following the attack, Beanstalk’s BEAN stablecoin lost its value. As of press time, the token is trading almost 80% below its pegged value of $1.
DeFi Platforms Increasingly Becoming Vulnerable
The latest attack has shown that DeFi platforms are still vulnerable to attack, despite being touted as the real competitor to the traditional finance industry. The platforms have several vulnerabilities that attackers have taken advantage of over the past few years. DeFi platforms have already lost hundreds of millions of dollars from several attacks over the years, and as long as there are vulnerabilities, attackers will continue targeting the platforms.