There is no respite for decentralized finance-based platforms on top of Binance Smart Chain [BSC]. This time, it was the AMM protocol called Belt Finance that suffered a loss of millions after software exploitation.
According to Belt Finance, a flash loan attack was initiated on the Binance Smart Chain’s 4Belt [USDT/USDC/BUSD/DAI] pool. The hacker reportedly created a smart contract that used popular decentralized exchange PancakeSwap for the purpose of flash loans and exploited its beltBUSD pool. The malicious entity, however, did not stop there and proceeded to attack its underlying strategy protocols as well as executed the contract 8 times to rake in a total profit of 6,234,753 BUSD.
The Binance Smart Chain-based defi protocol also revealed that beltBUSD vault users endured a loss of 21.36% of funds, while 4Belt pool users sustained a loss of more than 6% of funds. Other pools/vaults were not affected. Soon after detecting the attack, the defi platform paused withdrawals and deposits in a bid to prevent more losses. It added,
“While we are aware that this may cause our users inconvenience, it was done to prevent the same exploit from attacking our other vaults/pools. All other pools/vaults and all funds remain unaffected and safe from this attack, and we have now patched the attack vector that allowed this exploit of 4Belt and beltBUSD.”
Belt Finance also revealed that the team was devising a compensation plan that will be released within the next 48 hours.
According to the Rekt Blog, which analyses defi exploits, explained that the lost $6.3 million in a total of eight transactions.
Binance Smart Chain Weighs In
The bloodbath for the BSC does not seem to stop anytime soon. In just nine months, the network’s rise to prominence has attracted many platforms. However, several of these defi protocols operating on top of Binance Smart Chain’s decentralized finance ecosystem have suffered back-to-back hacks and exploits in a short period of time.
Binance Smart Chain had recently stated that the “well-organized hackers” behind the flash loan attacks and security breaches were targeting the platform specifically.