SECURITY
SECURITY
SECURITY
$182 million stolen from stablecoin provider Beanstalk Farms in ‘flash loan’ attack
Credit-based stablecoin provider Beanstalk Farms has been hacked, with about $182 million in cryptocurrency stolen.
Those behind the attack used a “flash loan” attack to access the Beanstalk network. A flash loan attack is a type of decentralized finance attack where a cybercriminal takes out a flash loan — a form of noncollateralized lending from a lending protocol — and then manipulates the price of a crypto asset on one exchange to sell it quickly on another. Coinmarketcap noted that flash loan attacks are the most common types of DeFi attacks because they’re the cheapest to pull off and the easiest to get away with.
The amount stolen by the hacker was reported today to include 24,830 Ethereum and more than 100 million Bean tokens. The Bean token is Beanstalk’s stablecoin and is tied to the U.S. dollar, with one Bean equal to $1. Following the hack, the price of Bean crashed to as low as 26 cents.
In response to the attack, Beanstalk Farms posted today that it’s investigating the attack and will make an announcement to the community as soon as possible. In a later tweet, the company said it’s “engaging all efforts to move forward.”
“As a decentralized project, we are asking the DeFi community and experts in chain analytics to help us limit the exploiter’s ability to withdraw funds via CEXes,” the company said. “If the exploiter is open to a discussion, we are as well.”
Of the Ethereum stolen, the person or people behind the attack donated the equivalent of $250,000 to Ukraine, with the rest of the stolen ETH sent to a “tumbling” service called Tornado Cash. A cryptocurrency tumbler is a service that mixes potentially identifiable or tainted cryptocurrency funds with others to obscure the trail back to the fund’s original source.
With the attempts by the hacker to cover their trail with the stolen Ethereum, it’s highly unlikely that this was a case of someone testing Beanstalk’s security, which was the case with Poly Network, instead someone who has targeted the company for profit.
The theft of funds from Beanstalk Farms follows the theft of $615 million in cryptocurrency from the Ronin Network, the blockchain platform that runs the popular play-to-earn game “Axie Infinity.”
Image: Beanstalk Farms
A message from John Furrier, co-founder of SiliconANGLE:
Support our mission to keep content open and free by engaging with theCUBE community. Join theCUBE’s Alumni Trust Network, where technology leaders connect, share intelligence and create opportunities.
- 15M+ viewers of theCUBE videos, powering conversations across AI, cloud, cybersecurity and more
- 11.4k+ theCUBE alumni — Connect with more than 11,400 tech and business leaders shaping the future through a unique trusted-based network.
About SiliconANGLE Media
SiliconANGLE Media is a recognized leader in digital media innovation, uniting breakthrough technology, strategic insights and real-time audience engagement. As the parent company of SiliconANGLE, theCUBE Network, theCUBE Research, CUBE365, theCUBE AI and theCUBE SuperStudios — with flagship locations in Silicon Valley and the New York Stock Exchange — SiliconANGLE Media operates at the intersection of media, technology and AI.
Founded by tech visionaries John Furrier and Dave Vellante, SiliconANGLE Media has built a dynamic ecosystem of industry-leading digital media brands that reach 15+ million elite tech professionals. Our new proprietary theCUBE AI Video Cloud is breaking ground in audience interaction, leveraging theCUBEai.com neural network to help technology companies make data-driven decisions and stay at the forefront of industry conversations.
