Binance Smart Chain Protocol Qubit Finance Hacked for $80M

Key Takeaways

  • A hacker has stolen 206,809 BNB worth $80 million from Qubit Finance.
  • The hacker exploited a vulnerability on the protocol’s Ethereum bridge.
  • The Qubit team has offered a bounty of $250,000 to the hacker in return for the stolen funds.

Qubit Finance, a DeFi protocol on Binance Smart Chain, was exploited today for $80 million worth of BNB tokens.

Qubit Hit by Hack

Another Binance Smart Chain protocol has been hacked.

An unknown hacker was able to drain $80 million worth of BNB tokens from the Binance Smart Chain lending protocol Qubit Finance.

On Jan. 27, at around 21:36 UTC, a hacker exploited a vulnerability on the Qubit Bridge, a cross-chain bridge connected to Ethereum. This bridge lets users deposit WETH from Ethereum mainnet into Qubit’s Binance Smart Chain-based smart contract to mint xETH, which can be used as lending collateral on the protocol.

Due to a critical vulnerability in the bridge’s smart contracts, the hacker was able to mint xETH without depositing any WETH, thereby giving them the ability to take out unlimited leveraged loans from Qubit’s pools.

In a Twitter post announcing the exploit, the team reported that the hacker “minted unlimited xETH to borrow on BSC.” Using the xETH as collateral, the hacker proceeded to siphon 206,809 BNB from Qubit Finance, worth about $80 million at the time. The loot can be seen sitting in the hacker’s address.

In an on-chain message directed to the hacker, the Qubit team offered a bounty of $250,000 in return for the stolen funds, as per the protocol’s ongoing bug bounty program with the ethical hacking platform Immunefi. In another post, the Qubit team has also tried to contact the hacker to negotiate.

The Qubit Finance exploit appears to be the seventh-largest DeFi protocol hack in terms of the value of stolen funds, as per data from DeFi Yield. Following the hack, the protocol’s Qubit token has dropped 27% over the past 24 hours.

Since the launch of Binance Smart Chain in September 2020, the chain has become infamous for the amount of hacks, exploits and rug pulls that have taken place on it.

In 2021, several DeFi projects on Binance Smart Chain suffered major hacks or exploits. Some of the most severe include Meerkat Finance’s $31 million hack in March 2021, a Uranium Finance exploit that cost protocol users $50 million in April, and the $88 million attack on Venus Finance in May.

Qubit Finance has not yet commented on plans to reimburse or compensate users for funds lost due to the exploit.

Disclosure: At the time of writing, the author of this piece owned ETH and other cryptocurrencies.

The information on or accessed through this website is obtained from independent sources we believe to be accurate and reliable, but Decentral Media, Inc. makes no representation or warranty as to the timeliness, completeness, or accuracy of any information on or accessed through this website. Decentral Media, Inc. is not an investment advisor. We do not give personalized investment advice or other financial advice. The information on this website is subject to change without notice. Some or all of the information on this website may become outdated, or it may be or become incomplete or inaccurate. We may, but are not obligated to, update any outdated, incomplete, or inaccurate information.

You should never make an investment decision on an ICO, IEO, or other investment based on the information on this website, and you should never interpret or otherwise rely on any of the information on this website as investment advice. We strongly recommend that you consult a licensed investment advisor or other qualified financial professional if you are seeking investment advice on an ICO, IEO, or other investment. We do not accept compensation in any form for analyzing or reporting on any ICO, IEO, cryptocurrency, currency, tokenized sales, securities, or commodities.

See full terms and conditions.

Binance Smart Chain DeFi Project Hacked for $31 Million

The BNB-BUSD yield farming “Vault 1” of the DeFi application Meerkat finance, a clone of  Yearn Finance on Binance Smart Chain, was drained for $31 million this morning.  Meerkat Finance…

BSC Protocol Uranium Finance Hacked for $50 Million

Yet another DeFi project on the Binance Smart Chain has fallen to hackers. This time, Uranium Finance was drained of more than $50 million.  Uranium Finance Joins List of Hacked…

How to Profit From Market Volatility Using Linear and Inverse Contract…

Perpetual contracts are agreements between buyers and sellers with no specific expiry date, unlike other types of similar contracts such as options or futures. It is for the buyer and…

Problems Abound on BSC as Bunny Finance Suffers Attack

An attacker used a flash loan to exploit the Binance Smart Chain yield aggregator Bunny Finance earlier this morning. They dumped BUNNY tokens on the market, causing prices to plummet…


Related Posts

Axie Infinity Ronin Bridge Hacker has already moved 38,293 ETH ($114.8 million)

Axie Infinity Ronin Bridge Hacker has already moved 38,293 ETH ($114.8 million)

Ethereum › Hacks Hackers who stole over $615 million in the Ronin Network exploit have already moved over $114 million worth of Ethereum. 2 min readUpdated: April 20, 2022 at 1:41 am Cover art/illustration via CryptoSlateAlmost a month ago, Ronin Network, the side-chain built to scale Axie Infinity was exploited by hackers who made off…

Bulls in Control: Radio Caca (RACA) Listing Rumors on Binance Send Token up 20%

Bulls in Control: Radio Caca (RACA) Listing Rumors on Binance Send Token up 20%

Rumors of a possible listing of Radio Caca (RACA) on Binance made the RACA token rise more than 20% this Sunday morning (USA), according to data from the CoinGecko portal. The cryptocurrency that had been trading around $0.0018 surged to $0.0021 in less than 1 hour, boosted by rumors. At the time of writing, the…

Axie Infinity sees ‘no signs of buyers’ as AXS price tumbles 30% in two weeks

Axie Infinity sees ‘no signs of buyers’ as AXS price tumbles 30% in two weeks

Axie Infinity (AXS) price has fallen by nearly 30% two weeks after losing $625 million to a hacking incident involving its play-to-earn gaming platform’s underlying blockchain, the Ronin Network.AXS/USD dropped to $46.69 on April 11, its lowest level since March 16, signaling a dampening buying sentiment among traders and investors following the hacking incident. Independent…

Play to Earn Game Edensol Integrates Secretum Messaging and Trading dApp

Play to Earn Game Edensol Integrates Secretum Messaging and Trading dApp

With the appearance of Metaverse, GameFi projects’ popularity is increasingly growing in the blockchain space whereas Web 2.0 traditional tools seem to be obsolete and not adapted to the Web 3.0 conceptual step up. This instrumental gap is filled by a unique partnership between Secretum and Edensol. Security, transparency, decentralization and immediacy as fundamental values…