- Ankr protocol has swiftly patched the security vulnerability exploited by hackers earlier this week
- The DeFi protocol has also assured users that compensation for losses is on the way
Decentralized finance (DeFi) protocol Ankr, also popular as the first ‘node-as-a-service’ platform, has announced that it has restored security after suffering a hack on Dec 1st. The attackers stole an estimated $5 million worth of BNB across liquidity pools in various DEXes.
In the announcement, Ankr states that it has taken the necessary steps to compensate liquidity providers that were affected by the hack. It will purchase $5 million worth of BNB to use in paying out the compensation.
Chandler Song, co-founder and CEO of Ankr, said that steps have been taken to restore normalcy and do right by customers. He added that the swiftness of the response to the situation is unlike other hacks that have occurred this year in the crypto space. He credited Ankr’s team for handling it so well.
“Thanks to the fast actions from the Ankr team and various protocols, we were able to minimize any damage done extremely quickly… Unlike previous events in the space this year, we are doing the right thing by our community and ensuring that this is taken care of immediately with lost funds restored,”
The hack happened after attackers exploited Ankr’s smart contract for aBNBc token—a token that represents Binance’s BNB tokens staked on Ankr. The compromised smart contract allowed the attacker to upload a malicious version of it and then proceed to mint an infinite supply of the token which was then exchanged for USDC.
Next steps for Ankr and Its users
The Ankr team says it quickly identified the vulnerability and began flagging the attackers’ attempts to liquidate the assets via various exchanges, an action which it says helped limit damages to $5 million. No other liquid staking tokens or Ankr products were affected, while Ankr’s validators, RPC API, and AppChain services also continued to operate without any disruptions during the mishap.
Despite having fixed the security issues, Ankr is still taking more steps to ensure more robust and complete security. The protocol is discontinuing the current smart contracts of the aBNBc token and its sister token aBNBb.
New tokens will be minted and airdropped to all users of the current tokens. The announcement states that Ankr will use a snapshot to airdrop the newly released tokens to all valid aBNBc holders.
Meanwhile, it directs users and liquidity providers, to follow certain guidelines to mitigate risks. These include not trading aBNBc or buying speculatively at a discount, removing liquidity from DEXes, and just waiting patiently if they were affected by the exploit as the snapshot will ensure compensation is received.