Episode 237: Jacked on the Beanstalk – DeFi’s Security Debt Runs Wide, Deep

This weekend, the decentralized finance platform Beanstalk Farms acknowledged that it was the latest victim of a sophisticated cyber attack, with an estimated $182 million stolen in an attack that exploited Beanstalk’s majority vote governance system to approve an illicit transfer of cryptocurrency assets.

According to reporting by the Verge and other outlets, Beanstalk, which describes itself as a “decentralized credit based stablecoin protocol,” was robbed in a sophisticated attack in which malicious actors exploited Beanstalk’s governance mechanism, under which participants vote collectively on changes to the code, with votes proportional to the value of the tokens that they hold.

Jennifer Fernick is the Senior Vice President & Global Head of Research at NCC Group.

According to monitoring firms, the attack saw hackers use a “flash loan” to borrow close to $1 billion in cryptocurrency assets, which they used to buy a supermajority voting stake in Beanstalk Farms. That voting power was then used to execute code that transferred an estimated $182 million in Beanstalk cryptocurrency assets to their own wallet. The attacker then instantly repaid their flash loan, netting an $80 million profit when it was all said and done.
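A simplified model of the vote-weight problem described above, added here as an illustration and not code from Beanstalk or from the original post. The two-thirds threshold, the snapshot rule, and all names and amounts are assumptions constructed for the example.

```python
from dataclasses import dataclass, field

SUPERMAJORITY = 2 / 3  # assumed approval threshold, not taken from the page


@dataclass
class Token:
    balances: dict = field(default_factory=dict)
    history: list = field(default_factory=list)  # balances at the end of each block

    def credit(self, who, amount):
        self.balances[who] = self.balances.get(who, 0) + amount

    def debit(self, who, amount):
        self.balances[who] -= amount

    def end_block(self):
        self.history.append(dict(self.balances))


def share(balances, voter):
    """Fraction of all voting tokens held by `voter` in a balance table."""
    total = sum(balances.values())
    return balances.get(voter, 0) / total if total else 0.0


def passes_live(token, voter):
    """Weak rule: weight is whatever the voter holds at the moment of the vote."""
    return share(token.balances, voter) >= SUPERMAJORITY


def passes_snapshot(token, voter, proposal_block):
    """Hardened rule: weight is the balance recorded before the proposal's block."""
    return share(token.history[proposal_block - 1], voter) >= SUPERMAJORITY


def simulate():
    token = Token()
    token.credit("long_term_holders", 1_000)   # constructed amounts
    token.end_block()                          # block 0 closes; borrower holds nothing
    # Block 1: stake arrives, the vote is counted, and the loan is repaid
    # inside a single transaction.
    token.credit("borrower", 9_000)
    live = passes_live(token, "borrower")
    snap = passes_snapshot(token, "borrower", proposal_block=1)
    token.debit("borrower", 9_000)
    token.end_block()
    return live, snap, share(token.balances, "borrower")
```

Under the live-balance rule the borrowed stake carries the vote even though the holder ends the block with nothing; under the snapshot rule the same stake has no weight.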

2021: A big year for DeFi…and DeFi hacks

The Beanstalk hack, however, is just the latest to affect so-called “decentralized finance” (or DeFi) systems – and not even close to the largest one, at that.

In fact, even as ads for cryptocurrencies and crypto exchanges
