Acala Stablecoin Exploit sees 1.2 Billion aUSD Theft Attempt

The Acala stablecoin, aUSD, is the latest stablecoin to lose its peg after a massive exploit on the network. Acala is decentralized finance (DeFi) platform created on the Polkadot network. Earlier this week, the Acala network suffered an exploit that saw the exploiter drain 1.2 billion aUSD from the protocol. The exploit led to aUSD’s depeg, leading to the Acala team proposing several solutions, among them a token burn.

Acala nears 1:1 peg

The Acala team has burned more than 1.2 billion aUSD tokens to save the peg. The hackers minted the burned tokens last week after they exploited a bug in one of the liquidity pools on the platform.

The Acala stablecoin was launched earlier this year. The stablecoin has sustained its peg since launch until the hack happened. The hack led to aUSD crashing from around $0.009. However, the peg shows signs of regaining because of these token burns. At the time of writing, aUSD was trading at $0.89.

The Acala community voted on Monday when they proposed to burn the 1.2 billion aUSD tokens stolen by the hacker to mitigate the effects. The hackers had stolen the funds from the iBTC/aUSD liquidity pool, causing the stablecoin to drop below $0.

Liquidity pools are popular among DeFi staking platforms. A liquidity pool involves a collection of crypto assets locked within a smart contract, creating liquidity for a token to boost the rate at which transactions are settled on decentralized exchanges (DEXs) and other decentralized finance protocols.

Nearly all of the exploited aUSD were still on the Acala network. The network developers posted in a community forum on Monday that only a tiny fraction of the exploited tokens were swapped for ACA. At the same time, some were withdrawn from the Acala parachain.

The stolen tokens were estimated to be worth between $0 to $10 million. Therefore, the recovered tokens were likely around 1.6 million aUSD. It is commendable, given that in most exploits in the DeFi space, the stolen crypto is cashed out within a short time.

Security experts are conducting a post-attack analysis to detect the aUSD tokens that were minted by the hacker and later swapped for other tokens. These tokens could have also been laundered through liquidity pools. The analysis will also uncover the other transactions the 16 wallet addresses conducted, including outflows to other addresses, exchanges, and parachains.

Hacks in the DeFi space

The DeFi space has been vulnerable to hacking attacks for a long time. The attack on Acala is not the only one that has happened over the past week. Curve Finance, one of the best DeFi exchanges, was exploited early last week, with the attacker stealing $570,000 worth of Ether from the protocol.

However, Binance later announced that it had frozen $450,000 worth of the stolen funds from Curve. The CEO of Binance, Changpeng Zhao, said that the exchange was working with law enforcement to reimburse the stolen funds to the users.


Tamadoge - The Play to Earn Dogecoin

Our Rating

  • '10x - 50x Potential' - CNBC Report
  • Deflationary, Low Supply - 2 Billion
  • Listed on OKX, Bitmart, LBank, MEXC, Uniswap
  • Move to Earn, Metaverse Integration on Roadmap
  • NFT Doge Pets - Potential for Mass Adoption