The attack took effect due to the mechanism of rapid recovery or flash loans. Between 2019 and 2021, this modus operandi made possible the theft of more than 280 million dollars in DeFi.
The Binance Smart Chain’s decentralized finance platform (DeFi) has another victim in its environment. The Spartan protocol suffered a sudden attack that caused the theft of about $ 30 million this weekend.
During this Saturday, May 1, an attacker took advantage of vulnerability in Spartan, a DeFi platform that offers “flash loans” or quick loans. This mechanism took action several times in the Ethereum DeFi during the past year.
Spartan developers confirmed the attack, loss of funds, and other highlights via the project’s Twitter. Spartan explained that the attacker used $ 61 million in Binance coin (BNB) to empty the protocol’s liquidity pools in one of its messages.
A Bug that Created an Access to Funds
Peckshield, a blockchain-focused security analytics firm, explained how the bug allowed funds to disappear from Spartan works. According to their analysis, the vulnerability of the protocol code arose from the liquidity calculation, which allowed it to create artificial inflation and drain the funds blocked in the Spartan contract; all this, through a flash loan.
The attacks on DeFi platforms happened because the said platform has too many errors in the codes of the protocols. These errors have started because of a lack of auditing and the speed of the media, intending to capitalize when DeFi becomes more popular.
In this regard, the creators of Spartan assure that this is not the same case. The developers claimed that their code received audits on the same social network since September 2020.
The team behind the protocol hopes to rebuild from the ashes left by the attack and offer a safe product. In the meantime, they will seek a better way to recover the funds and return them to the affected platform participants in conjunction with Binance.
DeFi Hacks are on Binance Smart Chain
Binance’s chain for innovative contract development, Binance Smart Chain, has been proposed as a competition for Ethereum; among other things, with its ability to create DeFi platforms, which boomed in 2020.
Spartan is the second decentralized finance platform that has lost millions of dollars after a hack in less than a week. On April 28, it was Uranium Finance’s turn.
Uranium received a cybernetic attack during the transition to version 2.1 of the protocol. That hack left losses that surpassed 50 million dollars in the cryptocurrencies in the vault of the platform, possibly due to a change that its developers made to the source code of SushiSwap, forked for the creation of Uranium.
In late 2019 and the beginning of this year 2021, attacks on DeFi platforms have suffered a subtraction of at least 284 million dollars.
By: Jenson Nuñez
