U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Crooks steal $182 million from Beanstalk DeFi platform

Credit-based stablecoin protocol Beanstalk discloses a security breach that resulted in the loss of all of its $182 million. The decentralized, credit-based finance system Beanstalk suffered a security breach that resulted in financial losses of $182 million. Researchers at blockchain analysis firm PeckShield reported that the attackers have stolen $80 M for the hacker. PeckShield first reported […]

Beanstalk DeFi

Credit-based stablecoin protocol Beanstalk discloses a security breach that resulted in the loss of all of its $182 million.

The decentralized, credit-based finance system Beanstalk suffered a security breach that resulted in financial losses of $182 million. Researchers at blockchain analysis firm PeckShield reported that the attackers have stolen $80 M for the hacker. PeckShield first reported the suspicious activity to the Beanstalk team via Twitter on Sunday.

The security breach was caused by two shady governance proposals (BIP-18 and BIP-19) and a flash loan attack. The attackers

The attacker made a proposal in the suspicious transaction, the malicious contract will be executed when the proposal passes, smart contract auditor BlockSec explained.

“The problem for the protocol was seeded by suspicious governance proposals BIP-18 and BIP-19, which were issued on Saturday by the exploiter, who asked for the protocol to donate funds to Ukraine.” reported the CoinTelegraph. “However, those proposals had a malicious rider attached to them th ultimately created the sinkhole of funds from the protocol, according to smart contract auditor BlockSec.”

Researchers at smart contract auditors and developers at Omniscia who analyzed the attack explained that the attackers conducted a flash-loan attack on the Beanstalk Protocol. The hackers exploited a vulnerability in its newly introduced Curve LP Silos to compromise the protocol’s governance mechanism and conduct an emergency execution of a malicious proposal to steal the funds.

A flash loan attack takes place when hackers loan funds from a DeFi platform and bypass the loan mechanism to steal funds using exploits.

PeckShield researchers explained that attackers deposited most of the stolen funds to the mixing service, they also transferred 250,000 USDC to the Ukraine Crypto Donation wallet.

The platform is still investigating the security breach, it also invited the thieves to negotiate to return the stolen funds.

According to Cointelegraph, project spokesperson “Publius” on April 17 wrote that the project is likely lost since there is no venture capital backing to cover the losses.

Beanstalk DeFi

“In a team and community meeting on the Beanstalk Discord channel on April 18, Publius doxxed the three individuals who developed the project.” added Cointelegraph. “They are Benjamin Weintraub, Brendan Sanderson and Michael Montoya, all of whom attended the University of Chicago together and conceived Beanstalk Farms.” 

DeFi platforms are becoming a privileged target of threat actors, in February attackers have stolen $325 million in cryptocurrency leveraging a bug in the Wormhole communication bridge, while in August 2021 attackers stole $611 from the cross-chain protocol Poly Network.

Please vote for Security Affairs as the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS
Vote for me in the sections “The Underdogs – Best Personal (non-commercial) Security Blog” and “The Tech Whizz – Best Technical Blog” and others of your choice.
To nominate, please visit: 
https://docs.google.com/forms/d/e/1FAIpQLSfxxrxICiMZ9QM9iiPuMQIC-IoM-NpQMOsFZnJXrBQRYJGCOw/viewform  

Follow me on Twitter: @securityaffairs and Facebook

[adrotate banner=”9″][adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, Beanstalk DeFi)

[adrotate banner=”5″]

[adrotate banner=”13″]