Belt Finance Loses $6.23M in Another Exploit of a Binance Smart Chain DeFi Protocol
30 May, 2021•1 min read•Blockchain
Belt Finance, a platform that provides automated market making for decentralized finance (DeFi), was hacked Saturday in a flash loan attack that resulted in the loss of $6.23 million.
It's the latest attack on a DeFi protocol built on Binance Smart Chain, one of the so-called Ethereum killers that's built by centralized crypto exchange giant Binance. In a blog post, Belt Finance said the attacker created a smart contract that used PancakeSwap for flash loans and exploited its beltBUSD pool and its strategy protocols and then proceeded to execute the contract eight times for a total profit of 6,234,753 BUSD (US $6.23 million). beltBUSD vault users suffered a 21.36% loss of funds, while 4Belt pool users lost 5.51%, the protocol said. No other pools/vaults were affected. The protocol said it paused withdrawals and deposits as soon as it were aware of the attack and that the vulnerability that allowed the attack to occur has been patched. In its blog post dated yesterday, Belt Finance said withdrawals and deposits would resume sometime in the next 24 to 48 hours and that it's working on a "compensation plan" that will be released in next 48 hours.