HEIST: BEUR and ALBT (AllianceBlock) token prices tumbled Tuesday - in the fallout from a major hack exploiting the BonqDAO DeFi protocol.

BEUR and ALBT token prices tumbled Tuesday – in the fallout from a major hack exploiting the BonqDAO DeFi protocol.

The exploit targeted one of the Decentralised Autonomous Organisation’s (DAO) smart contracts.

Attackers made off with an estimated $120m in loot.

Leading crypto security analysists at PeckShield broke down how the exploit happened.

BonqDAO Heist: The Raid

Crypto hackers identified a vulnerability in the coding of a BonqDAO smart contract.

The target was a price oracle contract – responsible for supplying a live-feed of data (market price, volume, etc.) to the blockchain.

Once into the smart contract, this allowed criminals to alter the UpdatePrice function. One altered this enables the manipulation of token pricing.

In this case they targeted wALBT (wrapped Alliance Block Token).

AllianceBlock is an ecosystem developed to bridge TradFi capital with DeFi products. ALBT is the native token used for exchange and governance.

Price manipulation increased the value of wALBT, and these new riches minted over 100m BEUR tokens.

BEUR is the native low-volatility utility token, used for settlement on BonqDAO.

Further manipulation of the wALBT price oracle saw thieves liquidate 33 token troves.

BonqDAO Heist: The Take

With their loot bags loaded, the hackers then made off with illict gains of 113.8M wALBT and 98m BEUR.

The take was quickly divided. BEUR swapped for USDC (using Uniswap) saw $500k realised.

All 113.8m wALBT burned to unlock ALBT.

Then more token dumping to net another $500k in USDC, and $236k in Ethereum (144 ETH).

By this point late-night markets were reeling. Prices tumbled dramatically – wALBT decimated with a -51% drop, and BEUR plummeting -34%.

BonqDAO Heist: The Discovery

BonqDAO moved to address the attack almost instantly.

In an online disclosure, the team highlighted all remaining assets were secure and unaffected. The majority of token troves aren’t vulnerable.

Meanwhile, pausing the BonqDAO protocol has temporarily suspended activities on the platform.

The team are working to enable user withdrawals without replacing the stolen BEUR troves. This should happen today.

AllianceBlock is working through a snapshot of user’s balances before the attack. Plans are underway for the minting of an airdrop of replacement ALBT tokens for victims.

Read More:

Bitcoin Price Prediction as Fed Interest Rate Decision is Revealed – New Bull Market Starting?

UK Premier League Faces Criticisms For Signing NFT Deal With Sorare

10+ Best Altcoins to Invest in 2023 – Which New Altcoins to Buy?