Just as Jack climbed the beanstalk in the popular fairy tale, bad actors also gained access to the decentralized finance (DeFi) platform known as Beanstalk, according to reports earlier this week.
The attack reportedly cost Beanstalk $182 million, but the repercussions of this hit on a DeFi system highlighted concerns that could affect the entire market.
“This attack is definitely a sign of things to come,” said James McQuiggan, security awareness advocate at KnowBe4, a cybersecurity awareness and assistance company. “Cybercriminals continue to target organizations with money. Major banking companies have worked hard to build strong security cultures to significantly reduce the risk of attack and successful breach.
While hacktivism and other drivers unrelated to theft remain a motivation for many of these intrusions, it is cyber theft that motivates many of these hackers and syndicates.”
“For DeFi platforms operating under the mantra ‘code is law’, smart contracts are built using the same logic as any other computer program and therefore carry the same risk of bugs or errors being introduced that can be exploited by bad actors,” said Chris Clements, vice president of solutions architecture at Cerberus Sentinel.
The recent Beanstalk breach allowed attackers to steal $80 million in cryptocurrency, with the company’s losses more than double that amount, in part because of the devaluation of the company’s BEAN stablecoin. (Beanstalk’s cryptocurrency fell from just over $1 to 11 cents when the attack was reported.)
How Decentralized Financial Systems Create Openings for Attack
In another malicious move, the bad actor allegedly used his ill-gotten but significant stake in the Beanstalk crypto network to push through at least one self-serving proposal.
Jim Ducharme, COO at Outseer, the Massachusetts-based payment verification company that spun off from RSA Security last summer, said DeFi systems like Beanstalk are “still relatively new and present an attractive opportunity for hackers to take advantage of their emerging security protocols.”
“While a decentralized financial system sounds appealing to many, storing such sensitive information on a vast network of ledgers creates more openings for hackers to slip in undetected and steal large sums of cash in a snap,” Ducharme said.
In this case, the attacker used a “flash loan”, in which a large amount of cryptocurrency is borrowed and repaid within a single transaction without collateral, and used the borrowed coins to buy a majority stake in the Beanstalk platform while also transferring assets to themselves, according to Clements.
“For a surprisingly low cost or [effort],” he said, “the attacker was able to make off with almost $200 million in gains.”
Indeed, cyber thieves allegedly stole crypto assets from Beanstalk through a “malicious proposal”, according to a post-mortem review by Omniscia, which audits and reviews smart contracts and blockchains. Hackers were able to carry out a so-called ‘flash loan attack’, exploiting a flaw in one of Beanstalk’s new protocols, according to the cyber auditor, allowing these bad actors to transfer funds to their own Ethereum wallet.
A flash loan allows users to borrow a large amount of stablecoins from other traders without providing collateral, because the unsecured loan is approved and repaid within a single transaction, virtually instantly, on the blockchain. Some hackers have identified vulnerabilities in various DeFi platforms that are exploitable in that short window, performing malicious actions right after a flash loan is approved.
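To make the governance angle described above concrete, here is an added toy model (not Beanstalk's or Omniscia's code; all holder names, balances and the loan size are constructed). It contrasts a governance design that reads a voter's current balance, which a flash loan can inflate for the duration of one transaction, with one that freezes voting power in a snapshot taken when the proposal is created, so borrowed tokens carry no weight.

```python
# Toy model of flash-loaned voting power against two governance designs.
# Constructed example; the names, balances and thresholds are assumptions.

SUPERMAJORITY_NUM, SUPERMAJORITY_DEN = 2, 3   # proposal passes above two-thirds of supply


def create_proposal(balances, snapshot):
    """Record a proposal; the hardened design freezes voting power at creation time."""
    return {"votes": 0, "snapshot": dict(balances) if snapshot else None}


def _power_source(proposal, balances):
    # Vulnerable design: live balances. Hardened design: the frozen snapshot.
    return proposal["snapshot"] if proposal["snapshot"] is not None else balances


def cast_vote(proposal, balances, voter):
    """Add the voter's weight to the tally from whichever source the design uses."""
    proposal["votes"] += _power_source(proposal, balances).get(voter, 0)


def try_execute(proposal, balances):
    """Execute only if the tally exceeds a two-thirds supermajority of the counted supply."""
    supply = sum(_power_source(proposal, balances).values())
    return proposal["votes"] * SUPERMAJORITY_DEN > supply * SUPERMAJORITY_NUM


def flash_loan_governance_tx(balances, proposal, attacker, loan):
    """One atomic transaction as the article describes: borrow, vote, execute, repay.

    Returns (executed, attacker_balance_after) so the caller can confirm the loan
    was repaid inside the same transaction, i.e. no collateral was ever at risk.
    """
    balances[attacker] = balances.get(attacker, 0) + loan      # uncollateralised borrow
    cast_vote(proposal, balances, attacker)
    executed = try_execute(proposal, balances)
    balances[attacker] -= loan                                 # repaid before the tx ends
    return executed, balances[attacker]


def simulate(snapshot):
    """Run the same transaction against the vulnerable (False) or hardened (True) design."""
    holders = {"alice": 40_000, "bob": 35_000, "carol": 25_000}   # constructed: 100k supply
    proposal = create_proposal(holders, snapshot)                 # created before the attack tx
    return flash_loan_governance_tx(holders, proposal, "attacker", loan=300_000)
```

With live balances the 300k borrowed tokens outvote the whole 100k of genuine supply and the proposal executes; with the snapshot the attacker's recorded power is zero and it does not. Note that a simple execution delay alone would not help this model if votes cast with borrowed weight were kept in the tally.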
At the moment, DeFi systems like Beanstalk are still relatively new and provide an “attractive opportunity for hackers to leverage their emerging security protocols,” Ducharme said.